Responsible for the global IT security operations of the Company which includes management and oversight of a significant third-party provider.
Ensures 24/7 coverage for incident response, detection and recovery and is accountable for ensuring and following escalation paths and providing incident communications to appropriate Senior Leaders within the Company.
Serves as a strategic advisor to influence outcomes and build top-performing programs collaborating with internal stakeholders and working with advanced technologies.
Oversee day-to-day security operations execution, including incident detection, investigation, response, and recovery, with clear escalation paths and incident communications.
Define and maintain the security operations operating model (coverage, on-call rotations, severity taxonomy, runbooks/playbooks, and stakeholder communications) to ensure repeatable execution.
Own and regularly exercise incident response playbooks (e.g., ransomware, business email compromise, insider threat, cloud compromise), including tabletop exercises and after-action reviews.
Lead security monitoring and detection engineering (log onboarding, alert tuning, false-positive reduction, and coverage mapping such as MITRE ATT&CK).
Implement and govern risk-based vulnerability and exposure management (prioritization, remediation SLAs, exception/risk acceptance, and reporting to technology owners and leadership).
Lead engineering and operational support of IT security solutions, tools, and systems (e.g., SIEM, EDR, email security, IAM-related monitoring, network security monitoring, DLP, vulnerability scanning).
Manage performance and outcomes for security operations vendors and service providers (MDR/MSSP), including SLAs, runbooks, escalations, and continuous service improvement.
Develop and report security operations metrics and dashboards (e.g., MTTD/MTTR, alert fidelity, vulnerability SLA performance) and present trends, risks, and improvement plans to stakeholders.
Drive security operations automation and workflow integration (ticketing, enrichment, containment actions where appropriate) to improve consistency, scalability, and response speed.
Perform and/or oversee security testing of applications, networks, and infrastructure (vulnerability assessments, penetration testing coordination, and validation of remediation).
Support development and operation of data loss prevention (DLP) strategies and tooling; partner with Legal/Privacy on data handling requirements.
Contribute to and coordinate audit and regulatory support efforts with internal and external auditors; create and manage responses to security reports, notifications, and alerts.
Implement solutions observing compliance and control requirements (SOX, privacy laws, and applicable security standards) and drive continuous improvement of policies, procedures, and control effectiveness.
Manage and develop information security operations staff and/or service partners through goal setting, mentoring, and career development; lead cross-functional security projects.
Maintain a broad knowledge of current and emerging threats, technologies, architectures, and products; identify opportunities to enhance threat intelligence coverage and monitoring capabilities.

Requirements

Bachelor’s degree or advanced degree preferred; professional security management certification preferred (e.g., CISSP, CISM, CISA, or similar).
10+ years of experience in cybersecurity, including 5+ years of direct experience in security operations (e.g., SIEM, IDS/IPS, network security, email security, endpoint security, vulnerability management, and incident response).
5+ years of management/leadership experience, including managing people, projects, budgets, vendors, and operational processes.
Experience with SOC models and operations, including use-case development, alert tuning, and incident escalation practices.
Experience with vendor management, including contract negotiations, service delivery oversight, and maximizing the use of third-party resources (e.g., MDR/MSSP).
Experience in ITIL, including change management principles and practices.
Experience with gap assessments, penetration testing approaches, and patch/vulnerability remediation coordination.
Experience with modern security tools across key domains (SIEM, EDR, MDR, EASM, network defense, vulnerability scanning, encryption, and cloud security).
Pharmaceutical industry experience strongly desired.

Benefits

Competitive pay and benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecuritysecurity operationsincident responsevulnerability managementpenetration testingrisk managementsecurity monitoringalert tuningdata loss preventionthreat intelligence

Soft Skills

leadershipcommunicationcollaborationmentoringstrategic advisingproject managementgoal settingstakeholder engagementcontinuous improvementproblem solving

Certifications

CISSPCISMCISA