Associate Director of Cyber Security Remediation Team
Cambridge, MA, United States
Biogen
Biogen is a leading global biotechnology company that pioneers science and drives innovations for complex and devastating diseases. Biogen is advancing a pipeline of potential therapies across neurology, neuropsychiatry, specialized immunology...Job Description
At Biogen, we offer a workplace that is unique, connected, resilient and impactful. Our purpose to find cures for rare diseases is a unique focus within our industry. We are connected as a team by this shared purpose, the pride we have in our work, and the inspiration we obtain from the lives we’re changing. We are resilient as we overcome obstacles, following the science to deliver for our patients. Most of all, our work allows us to have an impact. An impact on our patients’ lives and on changing the course of medicine.
About this role
We are seeking a proven leader for our newly established Cyber Security Remediation Team that will shape how we develop a thematic analysis process identifying root cause / contributing factors derived from operations and ensuring these findings are converted into remediation tasks to prevent reoccurrence, strengthen the defense-in-depth landscape, and improve consequence management. This is a highly dynamic and collaborative role that requires a unique blend senior level experience working across multiple domains including training, network and security operations, desktop and server support, legal, and HR; as well as a diverse background across operational risk management, cyber security, and computer science / data analysis.
What you’ll do
- As a senior member of the Cyber Remediation Team, you will be the champion that works horizontally across the franchise to share operational lessons learned and work with stakeholders to repair, improve, or redesign affected areas ensuring that we harden our networks, applications, and systems preventing / eliminating identified risks. This will include both the technical business stakeholders, audit, risk management, and others.
- Beyond the redress of technical findings, this role will also focus on bad user behaviors that are identified and work with both HR and Training to develop reoccurring / regular training materials address these bad practices and developing in partnership with HR consequent management strategies.
- As a senior leader you will participate in a number of committee where your subject mater expertise will help shape and inform enterprise-wide decision making and risk management.
Key Responsibilities:
- Provide regular briefings to senior management across HR, CIO Office, Audit, and Risk taking the actionable details from highly technical findings in a clear manner.
- Own the formal lessons learned process for Cyber Security Operations
- Establish and maintain a repeatable thematic analysis process to identify technical and procedural weaknesses from operational findings and responses.
- Own the end-to-end remediation process for critical findings. This will include partnership across IT and business stakeholders requiring high levels of influential leadership and emotional intelligence.
- Own and develop mathematically defensible Key Performance and Key Risk Indicators
- Manages and is responsible for the successful completion of all tasks in assigned program area including technical work, financial and business development activities
Who you are:
As the Director for Remediation Team, You.
- Experienced senior briefing to executive audience like CISO, CIO, CTO, and others
- Possess a strong service mindset and experience manager of manager with demonstrated track record of building high preforming teams.
- Have a deep blended experience set across business, operations, risk management, and information and cyber security.
- Strong knowledge and experience across industry standard frameworks (NIST, ISO, PCI)
- Purposeful individual who can manage multiple complex assignments, manage assignments based on criticality, in a timely and professional manner
- Ability to manage expectations with multiple stakeholders on projects and programs in conjunction with information security teams
- Demonstrated personal integrity, the ability to professionally manage confidential matters and show the appropriate level of judgment and decision making commensurate with the position and responsibilities
- Outstanding communication capabilities, written and oral, with an emphasis on prompt, transparent and appropriate targeting for incident related notifications
Qualifications
Required Skills:
- 10 years of risk management experience
- 10 years of direct and indirect leadership experience managing and influencing teams of teams
- Broad information cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advance Persistent Threat groups, Hacker activities.
- Documented subject matter expertise across information security domain, information warfare, and cyber defensive operations
- Data-driven decisions maker based on Key Performance and Key Risk Indicators
- Experience with multi-national / cross boarder operations
Education:
- Master’s Degree in Computer Science, Computer Engineering, Information Security
Additional Information
All your information will be kept confidential according to EEO guidelines.
Tags: Computer Science NIST Risk management
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs