Those who join Emergent BioSolutions feel a sense of ownership about their future. You will excel in an environment characterized by respect, innovation and growth opportunities. Here, you will join passionate professionals who advance their scientific, technical and professional skills to develop products designed to protect life.
I. JOB SUMMARY
In this position, your primary responsibility will be the 24x7 operations of the Cyber Security Operations Center (SOC). Reporting to the Sr Director of Information Security, responsibilities include security event response management; identification, triage and response to security breaches; SOC metrics design and reporting; SOC management, including performance, efficiency, capacity, and security controls; and documenting and reporting apparent attacks, breaches, and other pertinent data for review with stakeholders and executive management. Sets department direction, motivates staff to achieve direction, and contributes to the strategy and direction of Information Security solution delivery and operationalization.
This can be a remote/virtual role.
II. ESSENTIAL FUNCTIONS
The Director, Global Cyber Security Operations will provide strong and demonstrable hands-on expertise with Managed Security Service Provider (MSSP), network security monitoring, vulnerability management, and incident response. He/she will be open-minded, bring fresh ideas to the outsourced (MSSP) SOC team and be ready to protect, defend and respond to information security related events. He/she will also lead the following areas: Predictive Monitoring, Threat and Vulnerability Management, Threat Hunting and Cyber Security Risk Assessments. This will be accomplished by pulling together information from a variety of systems, then normalizing and correlating the information. The SOC provides real-time (or near real-time) detection and reaction services for information security incidents within the company. Decision making is one of the most important traits. This role will require a hands-on approach in the following areas.
- Perform in-depth network security analysis and work with the SOC analyst team conducting incident response, event analysis and threat intelligence for the corporate enterprise
- Provide both strategic analysis and near real-time auditing, analyzing, investigating, reporting, remediation, coordinating and tracking of security-related activities for the corporate enterprise
- Analyze data and prepare reports that document vulnerabilities from network-based attacks and recommend actions to prevent, repair or mitigate these vulnerabilities
- Provide technical mentoring to other team members
- Manage security vendor partnerships in relation to the managed service provider, SIEM, incident analytics and response.
- Establish and create standard operating procedures for a variety of computer network defense (CND) related tasks/positions within the team
- Provide technical expertise on post event network security logs and trend analysis
- Review security events that are detrimental to the overall security posture; analyze and detect sophisticated and nuanced attacks and discern false positives and provide results to management
- Perform correlation of events from a variety of network, enterprise and host collection sensors
- Coordinate and liaise with other departments within the company and external auditors with information regarding intrusion events, security incidents, and other threat indications and warnings information
- Demonstrate both technical acumen and critical thinking abilities
- Experience with trouble ticketing and change management tools
- Coordination and escalation of issues to the Incident Response team
- Provide detection and response to security events and incidents within the Network
- Web application vulnerability scanning
- Security log management and monitoring
- Intrusion detection and prevention systems operations
- Understand/develop KPIs and maintain information security metrics
III. MINIMUM EDUCATION, EXPERIENCE, SKILLS
- Strong knowledge of leading MSSP programs
- Security log management
- Strong analytical, documentation, and communication skills
- Strong understanding of IDS & IPS technologies
- Strong understanding of Windows event log analysis
- Experience with enterprise information security data management tools.
- Understanding of network traffic analysis
- 15+ years of applicable experience, with 5 to 10 years of experience in security, and a minimum of 5 years of supervisory experience
- Must possess planning, organizational, and motivational skills, able to write clearly and succinctly in technical and non-technical formats.
- Ability to speak both extemporaneously and in formal settings. Experience in root cause analysis, industry benchmarking, survey evaluation and data interpretation is required.
- Have the ability to apply logic and reason to solve complex problems.
- Able to infuse innovation and creativity to strategic plans.
- Possess knowledge in the area of emergency/disaster management, physical security, critical incident stress management, risk management and business resiliency
- Familiar with emergency procedure protocols and regulatory interfaces.
- Experience in leading a team.
- Strong analytical, critical thinking, and problem solving skills.
- Ability to establish and maintain cross-functional and positive working relationships.
- Proven ability to influence key business partners.
- Ability to build strategic vision and drive organizational change.
- Strong organization and planning skills with the ability to work in and define ambiguity/gray areas.
- Advanced computer skills and proficiency.
- Strong inter-personal and networking skills with a strong ability to work in a team environment.
- Ability to work under stressful and tight deadlines as well as the ability to manage in a fast-paced environment.
- Above average computer hardware and software knowledge.
- Excellent verbal and communication skills.
- Ability to multi-task and discern patterns or trends from a variety of data sets.
- Think through problems for logical solutions and remain calm and professional under stress.
- Strong decision-making ability during both crisis and non-crisis situations.
- Able to work with highly confidential information.
- Must be able to speak clearly, give direction, and provide guidance to employees and security staff during emergencies.
- Able to work and communicate effectively with all levels of leadership.
- Bachelor’s degree in computer science + or a related discipline
- Five to ten years of experience in the security field highly desirable.
- CISSP, CISM, GIAC certifications highly desirable
Per CDC guidelines, Emergent strongly recommends that all employees working on site are vaccinated to help ensure their safety, as well as the safety of fellow employees. This includes the use of good judgment when determining when the CDC guidelines advise that you stay home when ill.
There are physical/mental demands and work environment characteristics that must be met by an individual to successfully perform the essential functions of the job. This information is available upon request from the candidate.
Reasonable accommodations may be made to enable individuals with disabilities to perform all essential functions.
Emergent BioSolutions is an Equal Opportunity/Affirmative Action Employer and values the diversity of our workforce. Emergent does not discriminate on the basis of race, color, creed, religion, sex or gender (including pregnancy, childbirth, and related medical conditions), gender identity or gender expression (including transgender status), sexual orientation, age, national origin, ancestry, citizenship status, marital status, physical or mental disability, military service or veteran status, genetic information or any other characteristics protected by applicable federal, state or local law.
Emergent BioSolutions does not accept non-solicited resumes or candidate submittals from search/recruiting agencies not already on Emergent BioSolutions’ approved agency list. Unsolicited resumes or candidate information submitted to Emergent BioSolutions by search/recruiting agencies not already on Emergent BioSolutions’ approved agency list shall become the property of Emergent BioSolutions and if the candidate is subsequently hired by Emergent BioSolutions, Emergent BioSolutions shall not owe any fee to the submitting agency.