Lantheus Medical Imaging Inc is hiring: Senior Cybersecurity Engineer, Detection
Lantheus Medical Imaging Inc, Bedford, MA, US, 01730
Job Description
Lantheus is headquartered in Bedford, Massachusetts with offices in Billerica as well as in Canada and Sweden. For more than 60 years, Lantheus has been instrumental in pioneering the field of medical imaging and has helped physicians enhance patient care with its broad product portfolio. In 2023, Lantheus had more than $1B in revenues, led by sales of imaging agents for cardiac ultrasound and for prostate cancer.
Lantheus is an entrepreneurial, agile, growing organization that provides innovative diagnostics, targeted therapeutics, and artificial intelligence (AI) solutions that empower clinicians to find, fight and follow disease. At Lantheus our purpose and values guide our behaviors in all interactions and play a vital role in creating a dynamic environment that contributes to our success. Every employee is crucial to our success; we respect one another and act as one knowing that someone’s health is in our hands. We believe in helping people be their best and are seeking to bring together a diverse group of individuals with different viewpoints and skill sets to be a part of a productive and inclusive team.
Summary of role
The Senior Cybersecurity Engineer, Detection and Response is responsible for leading the identification, investigation, and response to complex security incidents in a high-stakes pharmaceutical environment and beyond, while also focusing on SaaS platforms and overall enterprise security. This role blends deep technical expertise, strategic thinking, and hands-on capabilities to protect against and mitigate security risks, with particular attention to regulatory compliance, intellectual property protection, and cloud-based security challenges. The ideal candidate is passionate about security engineering, thrives in fast-paced environments, and excels through both individual drive and team collaboration. Additionally, this role involves spearheading the rollout and implementation of security technologies, such as Microsoft Defender and other capabilities, to strengthen the organization's security posture.
Key Responsibilities/Essential Functions
- Threat Detection & Analysis:
- Design, implement, and maintain detection rules, use cases, and alerts for potential security threats using Security Information and Event Management (SIEM) systems and other monitoring tools.
- Leverage threat intelligence sources to identify emerging threats relevant to the pharmaceutical industry and SaaS platforms, applying models such as MITRE’s ATT&CK framework.
- Conduct regular analysis of security logs, network traffic, and system activity to identify potential indicators of compromise (IOCs).
- Incident Response (IR):
- Lead and coordinate the response to security incidents, including triage, containment, eradication, recovery, and post-incident analysis for both enterprise and SaaS environments.
- Create detailed incident reports outlining findings, actions taken, and recommendations for mitigation and improvement.
- Develop and own the strategy and implementation of a global incident response team, ensuring rapid containment of security incidents.
- Forensics and Investigation:
- Conduct forensic analysis on compromised systems, including memory and malware analysis, root cause determination, and preservation of evidence for regulatory and legal proceedings.
- Build and own detection-as-code pipelines and integrate detection capabilities that capture data across multi-region, distributed cloud services.
- Process Development & Optimization:
- Develop, update, and enforce standard operating procedures (SOPs) for incident detection, response, and reporting.
- Apply deep expertise in threat hunting and intelligence, enriching detection capabilities across the enterprise, and optimizing containment and response measures.
- Collaboration & Communication:
- Work closely with IT, engineering, legal, compliance, and product teams to address security issues, design security solutions, and mitigate risks within both traditional and cloud-based environments.
- Communicate security risks, vulnerabilities, and threats clearly to senior leadership, collaborating to define and execute remediation plans.
- Serve as a primary liaison with external partners, vendors, and regulatory bodies during incident response engagements.
- Training, Mentoring & Leadership:
- Provide training and mentorship to junior security team members, fostering a culture of detection and response excellence.
- Conduct tabletop exercises, simulations, and prototyping of security solutions.
- Compliance & Regulatory Requirements:
- Ensure all detection and response activities comply with relevant industry regulations (e.g., HIPAA, GxP, GDPR) and internal security policies.
- Support audits and assessments, providing evidence of security controls and incident response capabilities.
Basic Qualifications
- Education: Bachelor’s degree in computer science, Cybersecurity, Information Systems, or a related field. A master’s degree is a plus.
- Experience: Minimum of 5-7 years in cybersecurity, with significant experience in incident detection and response.
- Industry Knowledge: Familiarity with pharmaceutical and SaaS industry regulatory and compliance requirements (e.g., HIPAA, GxP, FDA guidelines).
Other Requirements
- Technical Skills:
- Strong experience with SIEM tools (e.g., Microsoft Sentinel, Splunk, QRadar, Elastic Stack) and network/endpoint security tools (EDR, IDS/IPS).
- Hands-on expertise in scripting (Python, PowerShell, Bash, etc.), malware analysis, and forensics.
- Familiarity with machine learning applications in a security context.
- Soft Skills:
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication and interpersonal skills for effective cross-team collaboration.
- Proven ability to work in high-pressure environments and manage multiple tasks efficiently.
Lantheus is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law. Lantheus is an E-Verify Employer in the United States.