Information Security Analyst

QuidelOrtho•San Diego, CA

1d•Remote

About The Position

QuidelOrtho unites the strengths of Quidel Corporation and Ortho Clinical Diagnostics, creating a world-leading in vitro diagnostics company with award-winning expertise in immunoassay and molecular testing, clinical chemistry and transfusion medicine. We are more than 6,000 strong and do business in over 130 countries, providing answers with fast, accurate and consistent testing where and when they are needed most – home to hospital, lab to clinic. Our culture puts our team members first and prioritizes actions that support happiness, inspiration and engagement. We strive to build meaningful connections with each other as we believe that employee happiness and business success are linked. Join us in our mission to transform the power of diagnostics into a healthier future for all. The Role At QuidelOrtho, we’re advancing the power of diagnostics for a healthier future for all. Join our mission as our next Information Security Analyst. The Information Security Analyst is responsible for supporting and ensuring compliance with U.S. Department of Defense (DoD) and Veterans Affairs (VA) cybersecurity and regulatory requirements for QuidelOrtho products and services. This role plays a critical part in strengthening the organization’s Information Security Governance, Risk, and Compliance (GRC) program while enabling secure delivery of healthcare and diagnostic solutions to federal customers. This position is remote eligible.

Requirements

Bachelor’s degree or equivalent in Information Security, Cybersecurity, Computer Science, Information Systems, or related field.
2–4+ years of experience in Information Security, with a focus on GRC (Governance, Risk, and Compliance).
Hands-on experience with federal security frameworks such as: NIST 800-53 / NIST CSF
DoD RMF (Risk Management Framework)
FedRAMP (preferred)
Experience supporting ATO processes and working with federal agencies (DoD, VA, or similar).
Familiarity with healthcare regulations such as HIPAA and handling sensitive health data.
Experience conducting risk assessments, control evaluations, and compliance gap analyses.
Understanding of cloud security concepts (AWS, Azure, or GCP) and their compliance implications.
Strong documentation skills, including SSPs, POA&Ms, and security artifacts.
Ability to work cross-functionally with technical and non-technical stakeholders.
Strong analytical, problem-solving, and communication skills.
This position is not currently eligible for visa sponsorship.

Nice To Haves

Certified Authorization Professional (CAP) (strongly preferred for RMF/ATO work)
CompTIA Security+ (DoD 8570 compliance alignment)
NIST RMF / DoD RMF training
FedRAMP compliance training
HIPAA Security & Privacy training
Cloud security certifications (e.g., CCSP, AWS Security Specialty, Azure Security Engineer)

Responsibilities

Ensure compliance with DoD and VA cybersecurity requirements (e.g., RMF, NIST 800-53, FedRAMP where applicable).
Support Authority to Operate (ATO) processes, including documentation, control implementation, and continuous monitoring.
Collaborate with product, engineering, IT, and compliance teams to integrate security controls into systems and services.
Conduct risk assessments, control testing, and gap analyses aligned with NIST, HIPAA, and other regulatory frameworks.
Maintain and update security policies, standards, and procedures to meet federal and enterprise requirements.
Assist in audit readiness and support internal/external audits (DoD, VA, HIPAA, as applicable).
Monitor regulatory changes and assess impact on QuidelOrtho products and services.
Support third-party/vendor risk management, especially for federal-facing solutions.
Contribute to incident response, vulnerability management, and remediation tracking from a compliance perspective.
Provide security awareness and guidance to cross-functional teams on federal compliance expectations.
Perform other work-related duties as assigned.