Associate Director Security Operations
5 - 7 years experience • Pharmaceuticals & Biotech
The IOS Security Operations Associate Director is instrumental in managing the effectiveness of the security operations practice, including, but not limited to: monitoring, detection and mitigation of cybersecurity threats, vulnerability and threat management activities, and incident handling/triaging practices at Otsuka America Pharmaceutical, INC (OAPI). This individual should have a deep understanding of operational cybersecurity coupled with extensive hands-on experience to defend against ever-increasing and more sophisticated cybersecurity threats. This individual also is key to Otsuka’s security incident response and associated communications including coordination with the Information Security Officer, the CSIRT and other key stakeholders. Vendor management and security team coaching and development are other key aspects of this position.
• Establish processes to monitor, analyze, and report output from security monitoring systems.
• Coordinate and liaise with others to take necessary corrective action.
• Monitor stakeholders’ completion of compliance and risk management processes and deliverables.
• Implement operational security standards, processes, procedures, and guidelines.
• Work with other IT teams, users, and vendors on security solutions and implementation.
• Develop and conduct preparedness tests to demonstrate operational efficiencies.
• Set up procedures and automated processes to monitor the status of computers and the network.
• Respond immediately to any detection of unusual patterns of behavior and possible threats.
• Analyze metrics to identify any trends that might indicate patterns of future risks.
• Provide regular reports and metrics for management on the company’s IT security status such as KPIs, incident tracking reports, proposals for improvements, as well as tactical and strategic planning initiatives.
• Remain current with the latest cyber security technologies and threats.
• Document and communicate to all stakeholders and senior management on all cyber security related items such as incident management, problem detection, situation management, and service recovery.
• Manage security vendor relationships and ensure adequate actionable performance.
• Provide input and evaluation on security aspects of non-security related technology, e.g. software applications and tools, hardware, services, etc.
• Constant monitoring of company IT and data assets to ensure security controls are operating and functioning as intended.
• Minimum 5 years of experience in IT security operations, incident response, vulnerability assessments, and threat detection monitoring and management tools at the enterprise level. Preferably experience within a Security Operation Center.
• Minimum 2 years supervisory experience.
• Experience working with engineering teams to operationalize the protection of new systems and business applications.
• Strong security vendor management skills with proven track record of managing relationships. Preferred experience with security operations as it relates to cloud computing as well as leveraging cloud services (Managed Detection & Response, SIEM-as-a-Service, SOC-as-a-service, etc.).
• Strong knowledge of various security products such as firewalls, IDS/IPS, packet analyzers, DLP and incident response tools.
• Experience monitoring for emerging threat patterns and vulnerabilities.
• Experience working the incident management lifecycle including understanding of forensic information and ability to triage security incidents.
• Experience developing and documenting protocols, procedures/runbooks for the security of the IT system and company data.
• Good understanding of concepts in networking, applications, and operating system functionality; able to apply advanced concepts such as application manipulation, exploit development, and stealth operations.
• Experience analyzing and assessing threat vectors.
• Proven ability to analyze root causes of issues.
• Experience with any of the following technologies a plus:
o Cylance Protect
o Office 365 (Security & Compliance)
o Microsoft Cloud App Security
o Microsoft Advanced Threat Analytics
o Microsoft Azure Operations Management Suite, Log Analytics
o ZScaler Internet Access, Private Access
• Bachelor's in Computer Science, Information Technology, Information Systems, Networking, or other related fields, or equivalent work experience, including military education and experience.
• Relevant IT security certifications in information security, control and governance, and digital forensics such as CISSP, CEH, OCSP, GICSP, or CISM.
• Preferred certifications in ITIL (Information Technology Infrastructure Library).
• Afterhours or weekend work as needed
• Approximately 20% travel as required