
Director of IT Security Fusion Center (SOC and Incident Response)

Gilead Sciences, Inc.

Foster City (CA)

On-site

USD 210,000 - 273,000

Full time

19 days ago


Job summary

An established industry player is seeking a Director of IT Security Fusion Center to lead a critical team responsible for monitoring and responding to security incidents. This role involves managing a Security Operations Center and Incident Response teams, ensuring the effectiveness of security measures, and fostering a culture of security awareness. The ideal candidate will have extensive experience in cybersecurity, strong leadership skills, and a passion for protecting information assets. Join this forward-thinking organization and contribute to a healthier world by safeguarding vital information and systems.

Benefits

Discretionary annual bonus
Stock-based long-term incentives
Paid time off
Medical insurance
Dental insurance
Vision insurance
Life insurance

Qualifications

  • 12+ years of IT experience with 8+ years in Cyber Security.
  • Proven leadership experience in managing SOC and Incident Response teams.
  • Strong communication skills and ability to manage risks.

Responsibilities

  • Lead the Security Fusion Center for incident response and security monitoring.
  • Manage and mentor a technical team to detect and respond to security threats.
  • Develop and optimize SOC technologies and incident response processes.

Skills

Cyber Security
Incident Response
Security Operations Center (SOC)
Leadership
Communication Skills
Risk Management
Malware Analysis
Penetration Testing
ITIL
Project Management

Education

Bachelor of Science in IT-related field
Information Security Certification (CISSP, GSEC, etc.)

Tools

SIEM
EDR
IPS/IDS
Endpoint Protection
Firewalls

Job description

Director of IT Security Fusion Center (SOC and Incident Response)

Locations: United States - California - Foster City; United States - North Carolina - Raleigh. Time type: Full time. Posted: 4 days ago. Job requisition ID: R0044663

At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.

Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Job Description

The Director of IT Security Fusion Center is responsible for managing and leading our Security Fusion Center, comprised of the SOC and Incident Response teams. This critical team will be responsible for monitoring and detection of security events, leveraging industry-leading security tools, security vendors, and partners. This critical role will lead the Security Fusion Center to triage, provide incident response management, and conduct security investigations and forensics for potential security events. The leader will articulate technical security requirements, monitor the effectiveness of the existing IT security controls framework, and raise the level of security awareness and policy compliance within IT and business groups. The individual in this role will be part of the IT Security, Risk, and Compliance team within Information Technology and work with the Security, Infrastructure, and Business Application services teams to manage and remediate any security threats and incidents.

ESSENTIAL JOB FUNCTIONS:

  • Extensive security experience leading a SOC and IR team to detect, assess, investigate, remediate and recover from security issues.
  • Extensive experience as Security Incident commander, leading a SOC team while liaising with IT, legal, and business teams through security incidents.
  • Extensive experience with designing, implementing, and optimizing a Security Incident Response process.
  • Extensive experience with designing and implementing SOC and IR technologies including SIEM, EDR, UEBA, among other capabilities
  • Experience managing, leading, and mentoring a technical and process-minded team, working with Managed Services, and managing a large SOC team.
  • Monitor security events to detect threats and analyze situations in context to detect advanced threats.
  • Alerts analysis
  • Investigate Incidents
  • Analyze Malware
  • Recommend corrective actions to the IT leadership team.
  • Develop Security Operations Center detection tools, rules and intelligence to improve detection & investigation efficiency of the Center.
  • Learn from investigated cases and update toolsets to improve automated detection methods
  • Assess new technologies, test them in a lab environment, and propose them for SOC improvement.
  • Operate Security Operations Center devices to ensure high availability and security.
  • Maintain and operate SOC network, systems, workstations and other technical components.
  • Interact in a very professional way with customers to solve identified threats and issues.
  • Act as a privileged point of contact for the customers to solve security requests, incidents and threats.
  • Define SOC service architecture.
  • Deploy/support deployment of the monitoring solution to customer for integration in the Security Operations Center service.
  • On-call availability outside business hours.

REQUIRED SKILLS & JOB QUALIFICATIONS

  • Minimum 12+ years of IT experience with progressive responsibilities, and with at least 8 years of Cyber Security protection experience.
  • Security professional with proven people management and leadership experience within the security industry.
  • Strong verbal and written communication skills with the ability to adapt information delivery based on the target audience.
  • Ability to interpret, understand, and communicate real business risks in relation to technology risks.
  • Ability to create or review procedures for protection of systems and applications.
  • Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification and accreditation.
  • Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues. Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach.
  • Experience with security tools and platforms including SIEM, IPS/IDS, SecOps, Endpoint and Server protection, Network protection, Firewalls, etc. Extensive experience in Cyber threat and vulnerability analysis and remediation. Forensic examination and data preservation.
  • Significant experience doing internal and external penetration testing i.e. white hat hacking.
  • Ability to work in a fast paced, highly visible, changing environment. Very strong security awareness and knowledge.
  • Strong understanding of key infrastructure systems (AD, Linux, Databases, Virtual Environment).
  • Proven ability at building working relationships with partners, peers, and senior Management.
  • Experienced with leading a cross-functional team to perform and review security incident investigations.
  • Ability to multitask and manage multiple topics and demands concurrently. Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management.
  • Prior working experience in a Pharmaceutical company is a plus.
  • Highly organized, results-oriented and attentive to details. Self-motivated, proactive, independent and responsive – requires little supervisory attention. Excellent presentation, facilitation and diplomacy skills.
  • High level of personal integrity consistent with company’s core values. Performs other duties as assigned.

EDUCATION & CERTIFICATION

  • Bachelor of Science degree in management information systems, computer science, engineering or other IT-related major is required, or 10+ years of relevant experience.
  • Information Security Certification (CISSP, GSEC, GPEN, CEH, etc.) or other related security certification is highly desired. Microsoft, Linux, Unix, and Cisco certifications would be an asset.

Gilead Core Values:

Integrity (Doing What’s Right)

Inclusion (Encouraging Diversity)

Teamwork (Working Together)

Excellence (Being Your Best)

Accountability (Taking Personal Responsibility)

The salary range for this position is: $210,375.00 - $272,250.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans.

For additional benefits information, visit: https://www.gilead.com/careers/compensation-benefits-and-wellbeing

* Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.
