Merck Sharp & Dohme
Director, Cyber Threat Detection & Response
Merck Sharp & Dohme, Rahway, New Jersey, us, 07065
Job Description
The Director of Cyber Threat Detection & Incident Response for our Company has the responsibility to lead and oversee the implementation of the global cyber threat intelligence and incident response program for our Company's Cyber Fusion Center. This requires an individual who possesses our core competencies with deep skillset knowledge to stand-up and drive a program that will define and deliver resiliency excellence. This leader must be a subject matter expert in cyber threat detection and Incident Response with the ability to develop and drive our company’s cybersecurity strategy.
The ideal candidate will have demonstrated success in building or transforming highly efficient and effective Cyber threat intelligence, threat hunting and incident response programs within a global enterprise and will possess extensive experience managing cybersecurity incidents.
This position requires technical depth and experience, but also strong management and leadership skills, in order to succeed.
Key Activities for this role are:
Manage the company’s cybersecurity operations center (SOC) who provide tier 1 incident detection and alert triaging.
Lead a team of Cyber Threat Intelligence analysts who are also supported by a variety of third parties to supplement this program’s capabilities.
Lead a team of cyber threat hunter analysts in our Threat Defense Operations team.
Lead the ongoing maturation of our Cyber Fusion Center’s Incident Response capabilities.
Develop and maintain incident response playbooks and other detection/response related standard operating procedures.
Act as head of the incident response action approval chain.
Be a visionary, strategic thinker, and implementer of ideas that materialize into action.
Develop advanced programs capable of investigating and analyzing all classes of threats in today's increasingly complex digital landscape.
Work as a liaison between the Cyber Fusion Center Teams, other departments, and upper management.
Work closely with and be a member of the Executive Director’s Cyber Fusion Center leadership team.
Tailor services to meet the needs of a diverse internal customer base, including Legal, Privacy, investigators, and divisionally aligned IT Risk Management Liaisons.
Perform demand management and quality assurance functions to ensure service level agreements for both time and quality are met and ensure project deliverables are met.
Lead the development and execution of these services across our company’s three IT hubs located in Branchburg NJ, Prague, and Singapore. These services include: malware analysis, network analysis, full disk forensics, mobile device exploitation, log and timeline analysis, amongst others.
Recruit, manage, coach, train, lead, and inspire a global team of dedicated cybersecurity analysts.
Set strategic and developmental goals for the staff and participate in performance reviews and succession planning.
Manage the program's portfolio and ensure they are aligned to the budget.
Education Minimum requirement:
Bachelor's degree
Required Skills and Experience:
Technical Expertise:
At least seven (7) years of deep knowledge of cyber threat detection and incident response.
Experience with cybersecurity operations centers (SOC) and tier 1 incident detection.
Proficiency in developing and maintaining incident response playbooks and standard operating procedures.
Expertise in malware analysis, network analysis, full disk forensics, mobile device exploitation, and log and timeline analysis.
Leadership and Management:
Five (5) years of proven success in building or transforming cyber threat intelligence, threat hunting, and incident response programs within a global enterprise.
Strong management and leadership skills to recruit, manage, coach, train, and inspire a global team of cybersecurity analysts.
Ability to set strategic and developmental goals for staff and participate in performance reviews and succession planning.
Strategic Thinking:
Visionary and strategic thinker capable of developing advanced programs to investigate and analyze complex threats.
Ability to act as the head of the incident response action approval chain.
Communication and Collaboration:
Excellent communication skills to work as a liaison between the Cyber Fusion Center teams, other departments, and upper management.
Ability to tailor services to meet the needs of diverse internal customers, including Legal, Privacy, investigators, and IT Risk Management Liaisons.
Program Management:
Experience in managing the program’s portfolio and ensuring alignment with the budget.
Ability to perform demand management and quality assurance functions to meet service level agreements.
Preferred Skills and Experience:
Certifications:
Relevant cybersecurity certifications such as CISSP, CISM, or GIAC.
Frameworks and Standards:
Familiarity with NIST, ISO 27001, and other relevant cybersecurity frameworks and standards.
Global Experience:
Experience working with global teams and managing cybersecurity operations across multiple locations, such as US, EMEA, and Asia.
Advanced Threat Detection:
Experience with advanced threat detection technologies and methodologies.
Incident Response Leadership:
Demonstrated ability to lead the ongoing maturation of incident response capabilities within a Cyber Fusion Center.
Stakeholder Management:
Strong skills in managing relationships with third-party vendors and stakeholders to supplement program capabilities.
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics.
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.
The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.
Expected US salary range: $149,400.00 - $235,100.00
Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days.
Requisition ID:
R320506
#J-18808-Ljbffr
The Director of Cyber Threat Detection & Incident Response for our Company has the responsibility to lead and oversee the implementation of the global cyber threat intelligence and incident response program for our Company's Cyber Fusion Center. This requires an individual who possesses our core competencies with deep skillset knowledge to stand-up and drive a program that will define and deliver resiliency excellence. This leader must be a subject matter expert in cyber threat detection and Incident Response with the ability to develop and drive our company’s cybersecurity strategy.
The ideal candidate will have demonstrated success in building or transforming highly efficient and effective Cyber threat intelligence, threat hunting and incident response programs within a global enterprise and will possess extensive experience managing cybersecurity incidents.
This position requires technical depth and experience, but also strong management and leadership skills, in order to succeed.
Key Activities for this role are:
Manage the company’s cybersecurity operations center (SOC) who provide tier 1 incident detection and alert triaging.
Lead a team of Cyber Threat Intelligence analysts who are also supported by a variety of third parties to supplement this program’s capabilities.
Lead a team of cyber threat hunter analysts in our Threat Defense Operations team.
Lead the ongoing maturation of our Cyber Fusion Center’s Incident Response capabilities.
Develop and maintain incident response playbooks and other detection/response related standard operating procedures.
Act as head of the incident response action approval chain.
Be a visionary, strategic thinker, and implementer of ideas that materialize into action.
Develop advanced programs capable of investigating and analyzing all classes of threats in today's increasingly complex digital landscape.
Work as a liaison between the Cyber Fusion Center Teams, other departments, and upper management.
Work closely with and be a member of the Executive Director’s Cyber Fusion Center leadership team.
Tailor services to meet the needs of a diverse internal customer base, including Legal, Privacy, investigators, and divisionally aligned IT Risk Management Liaisons.
Perform demand management and quality assurance functions to ensure service level agreements for both time and quality are met and ensure project deliverables are met.
Lead the development and execution of these services across our company’s three IT hubs located in Branchburg NJ, Prague, and Singapore. These services include: malware analysis, network analysis, full disk forensics, mobile device exploitation, log and timeline analysis, amongst others.
Recruit, manage, coach, train, lead, and inspire a global team of dedicated cybersecurity analysts.
Set strategic and developmental goals for the staff and participate in performance reviews and succession planning.
Manage the program's portfolio and ensure they are aligned to the budget.
Education Minimum requirement:
Bachelor's degree
Required Skills and Experience:
Technical Expertise:
At least seven (7) years of deep knowledge of cyber threat detection and incident response.
Experience with cybersecurity operations centers (SOC) and tier 1 incident detection.
Proficiency in developing and maintaining incident response playbooks and standard operating procedures.
Expertise in malware analysis, network analysis, full disk forensics, mobile device exploitation, and log and timeline analysis.
Leadership and Management:
Five (5) years of proven success in building or transforming cyber threat intelligence, threat hunting, and incident response programs within a global enterprise.
Strong management and leadership skills to recruit, manage, coach, train, and inspire a global team of cybersecurity analysts.
Ability to set strategic and developmental goals for staff and participate in performance reviews and succession planning.
Strategic Thinking:
Visionary and strategic thinker capable of developing advanced programs to investigate and analyze complex threats.
Ability to act as the head of the incident response action approval chain.
Communication and Collaboration:
Excellent communication skills to work as a liaison between the Cyber Fusion Center teams, other departments, and upper management.
Ability to tailor services to meet the needs of diverse internal customers, including Legal, Privacy, investigators, and IT Risk Management Liaisons.
Program Management:
Experience in managing the program’s portfolio and ensuring alignment with the budget.
Ability to perform demand management and quality assurance functions to meet service level agreements.
Preferred Skills and Experience:
Certifications:
Relevant cybersecurity certifications such as CISSP, CISM, or GIAC.
Frameworks and Standards:
Familiarity with NIST, ISO 27001, and other relevant cybersecurity frameworks and standards.
Global Experience:
Experience working with global teams and managing cybersecurity operations across multiple locations, such as US, EMEA, and Asia.
Advanced Threat Detection:
Experience with advanced threat detection technologies and methodologies.
Incident Response Leadership:
Demonstrated ability to lead the ongoing maturation of incident response capabilities within a Cyber Fusion Center.
Stakeholder Management:
Strong skills in managing relationships with third-party vendors and stakeholders to supplement program capabilities.
US and Puerto Rico Residents Only:
Our company is committed to inclusion, ensuring that candidates can engage in a hiring process that exhibits their true capabilities. Please click here if you need an accommodation during the application or hiring process.
We are an Equal Opportunity Employer, committed to fostering an inclusive and diverse workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status, or other applicable legally protected characteristics.
U.S. Hybrid Work Model
Effective September 5, 2023, employees in office-based positions in the U.S. will be working a Hybrid work consisting of three total days on-site per week, Monday - Thursday, although the specific days may vary by site or organization, with Friday designated as a remote-working day, unless business critical tasks require an on-site presence.
The Company is required to provide a reasonable estimate of the salary range for this job in certain states and cities within the United States. Final determinations with respect to salary will take into account a number of factors, which may include, but not be limited to the primary work location and the chosen candidate’s relevant skills, experience, and education.
Expected US salary range: $149,400.00 - $235,100.00
Available benefits include bonus eligibility, long term incentive if applicable, health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and sick days.
Requisition ID:
R320506
#J-18808-Ljbffr