Alexion is looking for a rare Cybersecurity expert. While we appreciate your expertise gained from the last decade of being immersed in Cyber Security Operations, penetration testing, and hands-on architecture collaboration, we want you to feel extremely uncomfortable with the status-quo. We want you to be a thought leader in dismantling the as-is cybersecurity operations model and building the what comes next approach. Our environment is rapidly changing, as are the tactics, techniques, and procedures we are developing to combat the threat. We are optimistic and see the combination of people, process and technology turning the tide in our favor. That said, we face a tremendous challenge in rewriting the cyber/converged security operations book. We do not actually operate by the book. Specifically, we are no longer operating by the book that dictates that we prepare for the last breach, as we are focused on preventing the next breach. We need you to be aware of security technology developments, be innovative, and able to connect the advances emerging in machine learning and artificial intelligence to create the standard in continuous risk reduction and resilience improvement.
You will be the Security Operations Director’s key lieutenant for all things cybersecurity operations. You will be comfortable existing along the entire operations spectrum from stoking the day-to-day Global Security Operations Center (GSOC) fires to planning the next step-function improvement in our capability portfolio. You will work very closely with the lead security engineer as a pair of innovation pathfinders. You will drive our partners to keep pace or do the leg work to find partners that can and will.
- Serve as the lead cybersecurity operations subject matter expert.
- Lead. Lead the Alexion GSOC cybersecurity analyst team, our managed service partners, and vendors to continuously drive down risk and improve resilience.
- Learn the Alexion global IT enterprise architecture, including networks, network segmentation, manufacturing automation operational technology, business and functional applications, and data structures. Gain a keen understanding of critical assets, their logical and physical interfaces, and relationships to Business Continuity and Disaster Recovery plans.
- Own and create the to-be state cybersecurity incident response tactics, techniques, procedures.
- Serve as a role model, teacher, mentor for GSOC analysts, and more importantly the Alexion workforce.
- Be continuously prepared to speak concisely, confidently, and with expert authority to company leadership, IT leadership, and the Alexion workforce regarding cybersecurity topics that are relevant and deliver constructive observations and recommendations.
- Coordinate with the GSOC manager to establish the schedule, work routine, responsibilities and deliverables for the day-staff cybersecurity analyst, email/phishing analyst, data-loss prevention analyst, and cybersecurity analyst positions that will emerge over time.
- Own, drive, and lead the operational tuning of the Alexion cybersecurity technology stack. Ensure the stack is optimized to deliver true positive results, automate recurring tasks, and compress incident response timelines.
- Own Alexion cybersecurity sensors, sensor settings, sensor policy configurations, and participate in appropriate IT change management processes for non-regulated and regulated IT systems.
- Upon declaration of an incident, take charge of the GSOC cybersecurity incident response effort.
- Collaborate with the lead security engineer to establish the multi-year cyber security roadmap that gets ahead of threats. Maintain currency in emerging Machine Learning and Artificial Intelligence cybersecurity tools and seek opportunities to insert these technologies into the roadmap.
- Recommend policies and/or technical solutions and coordinate the implementation of NIST CSF controls to improve Alexion’s cybersecurity maturity.
- Review cybersecurity governance documents and provide recommended content.
- Maintain currency with threat tactics, techniques, procedures and create feedback loops into Alexion Incident Response people, process, technology. Setup and maintain dark web intelligence sources. Understand the content and elements of the MITRE Attack Matrix, and how its elements align with Alexion’s risk profile.
- Refine existing cybersecurity metrics. Establish the recurring monthly, quarterly, annual metrics deliverable content and schedule that delivers information aligned to Alexion’s risk exposure. We are not looking for the typical volumetric data, we are looking for the relevant business risk story the data conveys.
- Upon ad hoc demand from the Executive Committee, CIO, CSO, Chief Privacy Officer, Legal Counsel, HR, or Operations Director leverage the power of the cybersecurity technology stack’s data to respond to questions, provide recommended actions, support investigations, or support critical decisions.
- Support the GSOC Manager during investigations supporting HR and/or legal. Be prepared to responsively extract, package and summarize user profiles, including file transfers, data access, application utilization, logins, web-browsing patterns, etc.
- Lead planning and execution of cybersecurity training efforts for the Alexion workforce. Leverage the power of the email/web-content/phishing training toolset to create, deliver, and develop the Alexion workforce’s ability to be our cybersecurity first line of defense. Twice annually draft, provide for peer review, and publish current relevant information to the Alexion internal Cyber IQ webpage.
- Be familiar with application vulnerability scanning tools and be prepared to scan and deliver risk assessments to business units creating external facing web pages, content and applications.
- Supervise the GSOC cybersecurity analyst’s execution of the Integrated Vulnerability Management program. Ensure monthly patch content in non-regulated and regulated environments is informed by coherent risk analysis and that vulnerabilities are retired based on risk profile. Coordinate related change management activities and/or actions with the lead security engineer.
- Support the IT Risk Director and Security Operations Director in the planning, coordination, conduct, and post event activities associated with the annual NIST CSF assessment.
- Support the IT Risk Director in preparing and maintaining Business Continuity Plans (BCP) and Disaster Recovery (DR) plans, exercises, and updates. Ensure the cybersecurity incident response plan is consistent with and complimentary to BCP/DR plans, actions, and recurring update cycles.
- Serve as a trusted agent and responsive information source to the Chief Privacy Officer, legal, and HR during the conduct of investigations.
- As directed, coordinate and supervise execution of independent third-party penetration tests.
- Pro-actively participate and represent Alexion in Healthcare-Information Sharing and Analysis Center (H-ISAC) forums, information exchanges, and events. Ensure Alexion leverages H-ISAC threat intelligence sources and contributes as an active community partner.
- Support the lead security engineer and Security Operations Director in generating and staffing IT System Development Lifecycle artifacts.
- Minimum 7 years’ experience in cybersecurity operations, incident response, and security technology capability deployment and optimization.
- Minimum of 5 years leading, motivating, and creating highly engaged cybersecurity operational teams.
- A deep and practical understanding of threat TTPs and trends.
- Immediate access knowledge and application of threat intelligence sources, dark web included.
- Proven ability to rapidly to extract and interpret data from security tools.
- Ability to integrate state-of-the-art solutions into security operations.
- Scars from working through hygiene and change management challenges in a regulated environment.
- A finely calibrated understanding of vulnerabilities and how risk is a function of critical business operations and applications.
- Practical knowledge and ability to use forensics toolkits and conduct analysis.
- Awareness of workforce trends in terms of Cloud based SaaS application use, mobile device proliferation, and a global workforce always online.
- Strong demonstrated knowledge of technologies including network, server, desktop, storage, and how security relates to the overall IT enterprise.
- Familiarity with national and international regulatory compliance and information security frameworks such as BSIMM, SOX, ISQ, BASEL II, EU DPD, HIPAA, COBIT and PCI DSS.
- Information Security Certifications such as Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager (CISM) is preferred.
- Business analysis skills, problem solving techniques, and follow-up.
- Experience working with global teams based in Europe, Asia, and the United States.
- Bachelor degree in Cybersecurity, Computer Science, Engineering discipline is preferred, however non-technical degreed people with proven cybersecurity chops are great candidates.
New Haven, CT, United States
Some opportunities happen only once in a lifetime - like a job where you have the extraordinary opportunity to change lives. At Alexion, such opportunities arise through our unwavering mission to serve patients and families affected by rare diseases. These patients are our guiding star, and we act with integrity, urgency, and discipline because we know their lives are at stake.
Alexion is a global biopharmaceutical company focused on serving patients and families affected by rare diseases through the discovery, development and commercialization of life-changing therapies. As the global leader in complement biology and inhibition for more than 20 years, Alexion has developed and commercializes the first and only approved complement inhibitor to treat patients with paroxysmal nocturnal hemoglobinuria (PNH), atypical hemolytic uremic syndrome (aHUS), and anti-acetylcholine receptor (AchR) antibody-positive generalized myasthenia gravis (gMG). Alexion also has two highly innovative enzyme replacement therapies for patients with life-threatening and ultra-rare metabolic disorders, hypophosphatasia (HPP) and lysosomal acid lipase deficiency (LAL-D). In addition, the company is developing two late-stage therapies, a second complement inhibitor and a copper-binding agent for Wilson disease. Alexion focuses its research efforts on novel molecules and targets in the complement cascade and its development efforts on the core therapeutic areas of hematology, nephrology, neurology, and metabolic disorders. Alexion has been named to the Forbes list of the World's Most Innovative Companies seven years in a row and is headquartered in Boston, Massachusetts' Innovation District. The company also has offices around the globe and serves patients in more than 50 countries.
Alexion's aspiration is to be the most rewarding place to work, where people are empowered to make a difference and where diversity of backgrounds and ideas is encouraged. We are looking for talented individuals who share our passion and commitment to change the lives of patients with rare diseases. We hope you will consider joining our team. Further information about Alexion can be found at: www.alexion.com.
As a leading employer in our industry, Alexion is proud to offer a highly competitive package of base and incentive compensation as well as a comprehensive benefits program designed to support the health, wellness and financial security of our employees and their families. Benefits include group medical, vision and dental coverage, group and supplemental life insurance, 401(k) with company match, tuition reimbursement, relocation assistance and much more.