Associate Director, Incident Response and Forensics

As the leader of our Digital Forensics and eDiscovery team, you will be responsible to support and grow a global team, own the strategy and direction for the people, processes, and technology to fulfill your mission, and partner deeply with our Security Operations, Data Loss Prevention, and Threat Intelligence teams to help CSL defend itself from cyber attacks. You will direct the adoption of new tools and technologies to further your goals.

The position holder:

Leads a global team to apply security incident handling processes for CSL to successfully support the cybersecurity and information security incident response process to:
* Prepare for
* Identify* Contain
* Eradicate* Recover from cybersecurity events

The role will lead a global team of digital forensics, incident response and eDiscovery analysts that will:
* Work closely with the Director, Security Operations to develop and implement a cybersecurity threat analysis structure of common attack techniques to evaluate an attacker's spread through a CSL system, platform and or network.
* Develop and maintain a continuous upskilling program for your team to increase skills and overall capability maturity
* Identify and implement tools to determine attack types and choose appropriate defenses and response tactics for each
* Derive Indicators of Compromise (IOCs) from malicious activity to strengthen incident response, threat detection, and intelligence efforts
* Conduct in-depth forensic analysis of various operating systems
* Examine traffic using common network protocols to identify patterns of activity or specific actions that warrant further investigation
* Detect and hunt for adversary tools, tactics, and procedures (TTPs) across an enterprise environment
* Partner with Compliance, Legal, Privacy, and other teams to perform internal investigations pertaining to eDiscovery matters

Demonstrates thought leader-level abilities with, and/or a proven record of success directing efforts in the following areas:  Network Analysis  Computer Memory Analysis  Endpoint Analysis  Cyber Incident Lifecycle  NIST 800-61  Lead and supervise teams to create an atmosphere of trust and seek diverse views to encourage improvement and innovation, answer questions and provide direction to less-experienced staff, coach staff including providing timely meaningful written and verbal feedback

Reports to Executive Director, Enterprise Monitoring & Cyber Resilience Direct Reports – This role will manage a team of Forensics, eDiscovery, Incident Response and Threat Hunting SME’s and may have Project Managers, Project Coordinators, Security Architects, and vendors or managed service providers as direct and indirect reports based on security project portfolio.
** Main Responsibilities and Accountabilities:
** Participates in the hiring, growth, and development of junior incident response staff in the areas of threat hunting, forensic analysis, eDiscovery, litigation hold, incident resolution and return to operations. Mentors and directs specially assigned incident response project managers and their teams and program management staff, and actively role models expected project management and leadership behaviors and processes designed to improve project results and the performance of the team.
** Position Qualifications and Experience Requirements:
*
* Required:

College degree, preferably in a related technical subject; or advanced degree in business or industry-related subject or equivalent related work experience in cybersecurity and manufacturing.

Preferred:
An advanced degree (MS) in a relevant discipline (or equivalent) including cybersecurity, management information systems, and related technologies related to manufacturing cybersecurity.

Project management certification / training desirable / CISSP, CISM, CISO, GIAC-GCED, GIAC-GCIH, and/or GIAC-CFE certification preferred.
** Essential

Experience:

*** 8+ years demonstrated experience leading global, multi-functional Digital Forensics/Cybersecurity Incident Response teams (bio-pharma manufacturing environment preferred but not mandatory)
* Strong leadership, consultative, communication, and conflict management skills to influence project leaders and stakeholders, including non-specialists, at all levels in the organization and achieve team objectives while maintaining a positive team environment.
* The ability to train, mentor, and develop project managers in project management methodologies and their application; the ability to manage in a matrix environment.
* The ability to work on complex problems where analysis of situation or data requires an in-depth evaluation of various factors to achieve best results.
* The ability to clearly communicate complex issues to senior management so that critical issues are understood quickly and can be addressed immediately.
* Strong strategic planning, quantitative, and decision analysis capabilities.
* Strong project management and integration skills; ability to coordinate all aspects of a project or program.
*…