Director, Defensive Offensive Cybersecurity

This role will set a vision and define a compelling roadmap to build a fit for purpose defensive & offensive services portfolio, aimed at monitoring and responding to security events, and delivering measurable outcomes.

This role will develop new innovative solutions to advance the detection and remediation of cyber events, validate requirements and resulting services with HIS stakeholders, develop metrics, and structure an effective and agile experimentation framework in partnership with the rest of the cyber security team to test effectiveness of our cyber tools & processes landscape. They will also oversee the financial aspects, support internal and external security audits, and report to the chief information security officer (CISO).

• Set the strategic direction for Incident response, and all offensive and defensive practices for Henry Schein
• Supervise and manage the Global Security Operations Center (SOC)
• Be responsible for penetration testing/ vulnerability management teams.
• Define a plan for hiring and training the defensive/offensive team members.
• Create processes and playbooks to handle security events and incidents.
• Assess and prioritize security events, including dispatching them to other key groups.
• Oversee the continuous improvement of rules and procedures.
• Develop and integrate, as needed, with crisis management plans.
• Create reports and dashboards to monitor the performance and effectiveness of the services.
• Design and execute periodic tabletop exercises to test incident response plans.

• Security Event triaging and Incident Response: Leveraging on HSI telemetry and thread intelligence sources, confirm, determine or investigate critical alerts
• Threat Hunting: based on indicators of attack and compromise, proactively look for threats inside the organization
• Vulnerability Management: continually identify, assess, report on, manage and remediate vulnerabilities across IT services
• Penetration testing: prepare and execute, with the support of the team, an exhaustive, risk-based penetration testing plan to assess the adherence of the security controls to HSI policies and standards, as well as to industry best practices
• Offensive/Defensive technologies and standards: with the support of the security architecture team, identify the best solutions to deliver best-in-class offensive/defensive security services

• 10-15 years of offensive security experience
• 10-15 years of experience in defensive security, including insourced/managed Security Operation Centers, threat hunting and threat intelligence, offensive/defensive toolsets and platforms
• Knowledge and familiarity of multiple SIEM solutions including, QRadar, Splunk, And Microsoft Sentinel
• Extensive knowledge of incident response processes and hand-on experience in cyber incident investigations
• Worked with large scale MSSP and customers
• Offensive Security and/or incident response certifications are a must
• Other technical certifications are a plus

• Outstanding management and leadership skills and ability to attract, retain, motivate, develop, mentor and coach team members for high performance
• Outstanding verbal and written communication skills and ability to resolve disputes effectively
• Outstanding presentation and public speaking skills
• Expert independent decision making, analysis and problem-solving skills
• Understand, interpret and act on financial information and external trends that contribute to business profitability
• Plan and manage complex and successful projects; understand available resources, develop timeline, budget and assign areas of responsibility
• Lead teams to achieve company goals and solve complex business issues in creative and effective ways
• Expert planning and organizational skills and techniques
• Communicate effectively with senior management and key stakeholders
• Excellent negotiating skills and ability to effectively manage internal and external relationships
• Ability to influence, build relationships, understand organizational complexities, manage conflict and navigate politics
• Broad professional and managerial skills with a full understanding of industry practices and company policies and procedures
• Lead and develop virtual teams
• Expert in multiple technical and business skills
• Strategic planning skills

Typically 12 or more years of increasing responsibility and complexity in terms of any applicable professional experience; 5 or more years of management experience.

Typically a Bachelor's Degree or global equivalent in related discipline. Master's degree or global equivalent a plus.

Travel typically less than 15%. Office environment. No special physical demands required.

Typically, to advance to a new job level, TSMs must demonstrate professional behavior and should consistently be at the high-end of meets expectations or consistently exceed expectations.