Information Security Analyst
Job description
At QuidelOrtho, we're advancing the power of diagnostics for a healthier future for all. Join our mission as our next Information Security Analyst. The Information Security Analyst is responsible for supporting and ensuring compliance with U.S. Department of Defense (DoD) and Veterans Affairs (VA) cybersecurity and regulatory requirements for QuidelOrtho products and services. This role plays a critical part in strengthening the organization's Information Security Governance, Risk, and Compliance (GRC) program while enabling secure delivery of healthcare and diagnostic solutions to federal customers.

- Ensure compliance with DoD and VA cybersecurity requirements (e.g., RMF, NIST 800-53, FedRAMP where applicable).
- Support Authority to Operate (ATO) processes, including documentation, control implementation, and continuous monitoring.
- Collaborate with product, engineering, IT, and compliance teams to integrate security controls into systems and services.
- Conduct risk assessments, control testing, and gap analyses aligned with NIST, HIPAA, and other regulatory frameworks.
- Maintain and update security policies, standards, and procedures to meet federal and enterprise requirements.
- Assist in audit readiness and support internal/external audits (DoD, VA, HIPAA, as applicable).
- Monitor regulatory changes and assess impact on QuidelOrtho products and services.
- Support third-party/vendor risk management, especially for federal-facing solutions.
- Contribute to incident response, vulnerability management, and remediation tracking from a compliance perspective.
- Provide security awareness and guidance to cross-functional teams on federal compliance expectations.
- Perform other work-related duties as assigned.

No strenuous physical activity required. Occasional light lifting of materials may be needed. Substantial time will be spent in virtual or in-person meetings, engaging with customers, and working on scientific content and documentation.
Requirements
- Bachelor's degree or equivalent in Information Security, Cybersecurity, Computer Science, Information Systems, or related field.
- 2-4+ years of experience in Information Security, with a focus on GRC (Governance, Risk, and Compliance).
- Hands-on experience with federal security frameworks such as:
  - NIST 800-53 / NIST CSF
  - DoD RMF (Risk Management Framework)
  - FedRAMP (preferred)
- Experience supporting ATO processes and working with federal agencies (DoD, VA, or similar).
- Familiarity with healthcare regulations such as HIPAA and handling sensitive health data.
- Experience conducting risk assessments, control evaluations, and compliance gap analyses.
- Understanding of cloud security concepts (AWS, Azure, or GCP) and their compliance implications.
- Strong documentation skills, including SSPs, POA&Ms, and security artifacts.
- Ability to work cross-functionally with technical and non-technical stakeholders.
- Strong analytical, problem-solving, and communication skills.
- This position is not currently eligible for visa sponsorship.
Preferred:
- Certified Authorization Professional (CAP) (strongly preferred for RMF/ATO work)
- CompTIA Security+ (DoD 8570 compliance alignment)
- NIST RMF / DoD RMF training
- FedRAMP compliance training
- HIPAA Security & Privacy training
- Cloud security certifications (e.g., CCSP, AWS Security Specialty, Azure Security Engineer)
Benefits & conditions
The salary range for this position takes into account a wide range of factors including education, experience, knowledge, skills, geography, and abilities of the candidate, in addition to internal equity and alignment with market data. At QuidelOrtho, it is not typical for an individual to be hired at or near the top range for their role and compensation decisions are dependent on the facts and circumstances of each case. The salary range for this position is $100,000 to $130,000 and is bonus eligible. QuidelOrtho offers a comprehensive benefits package including medical, dental, vision, life, and disability insurance, along with a 401(k) plan, employee assistance program, Employee Stock Purchase Plan, paid time off (including sick time), and paid Holidays. All benefits are non-contractual, and QuidelOrtho may amend, terminate, or enhance the benefits provided, as it deems appropriate.