Director, Cybersecurity Operations

Job Description

Job Description

Lantheus is headquartered in Bedford, Massachusetts with offices in New Jersey, Canada, and Sweden. For more than 60 years, Lantheus has been instrumental in pioneering the field of medical imaging and has helped physicians enhance patient care with its broad product portfolio.

Lantheus is an entrepreneurial, agile, growing organization that provides innovative diagnostics, targeted therapeutics, and artificial intelligence (AI) solutions that empower clinicians to find, fight and follow disease.

At Lantheus our purpose and values guide our behaviors in all interactions and play a vital role in creating a dynamic environment that contributes to our success.

Every employee is crucial to our success; we respect one another and act as one knowing that someone’s health is in our hands.

We believe in helping people be their best and are seeking to bring together a diverse group of individuals with different viewpoints and skill sets to be a part of a productive and inclusive team.

The Director, Security Operations is responsible for developing the strategy, vision, and execution of the Security Operations team responsibilities.

This role is accountable for the key security operations areas, including but not limited to, incident response, data loss prevention, security monitoring, threat management, host security and vulnerability management.

This role will report directly to the Chief Information Security Officer and manage the relationships with key IT stakeholders across the organization to provide efficient and consistent security operations services.

Responsibilities include, but are not limited to :

• Oversee and manage the Security Operations Center (SOC), and lead staff to proactively manage the detection, prevention, response, and remediation of security incidents
• Oversee the planning, budgeting and directing of all Security Operations activities across the team
• Define, oversee, and manage the governance of the functions of the Security Operations team so as to ensure data security and regulatory compliance, including the identification and management of multiple security, risk, and performance metrics
• Manage the Information Security Operations staff, including resourcing, mentoring, and career development
• Advise Lantheus management and business units on mobile device security and endpoint security directives and actions
• Take lead in performing security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques
• Support development of data loss prevention (DLP) strategies and tooling
• Contribute to and coordinate audit management efforts with regulators, internal and external auditors
• Contribute to the development of standards, procedures, and guidelines for security monitoring
• Drive continuous performance improvements in incident response and mitigation of threats and vulnerabilities
• Identify opportunities for enhanced coverage of threat intelligence and security monitoring; recommend and implement solutions

Minimum Requirements :

• Bachelor’s or master’s degree in a relevant field of work or equivalent combination of education and work experience
• 10+ years of experience in cybersecurity and with a minimum of 5 years direct experience in information security operations, including SIEM, IDS / IPS, network security, email security, patching and lifecycle management, endpoint security, and incident response
• 5+ years Management / leadership experience; managing people, projects, budgets, and processes
• CISSP preferred, but not required
• Experience with the implementation and oversight of fusion centers a plus
• Understanding and technical knowledge of Security Operations concepts, including but not limited to, incident response, forensics, data loss prevention, security monitoring, threat management, host security and vulnerability management
• Knowledge of common information security management frameworks, such as ISO / IEC 27001, ITIL, COBIT and ones from NIST, SANS, etc.
• Ability to design and evaluate processes to build security functions and review processes for ongoing improvement
• Ability to development information security operations operating plans consistent with the strategy and vision of Lantheus
• Excellent oral and written communication skills
• Experience in the management and / or implementation of security monitoring, anti-malware, data loss prevention and vulnerability management technologies
• Certification and experience in SCADA security and / or laboratory / equipment security a strong plus
• Advanced education / certification in SDLC and / or Application Security a strong plus
• Experience in security programs in the healthcare and / or life sciences is a plus
• Expertise in Cloud Security Domains is a plus; CCSP certification is a strong plus
• Cloud Concepts, Architecture, and Design
• Cloud Data Security
• Cloud Platform and Infrastructure Security
• Cloud Application Security
• Cloud Security Operations

Lantheus is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law.

Lantheus is an E-Verify Employer in the United States. Lantheus will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.

Any applicant requiring an accommodation in connection with the hiring process and / or to perform the essential functions of the position for which the applicant has applied should make a request to the Lantheus Talent Acquisition team at [email protected].