Director of Security Operations and Cyber Defense

Full Time
Boston, MA
Job description

Position Description

Reporting to the Harvard Medical School (HMS) CISO, the Director of Security Operations and Cyber Defense will design, build, and manage an enterprise-level security operations center (SOC) and program. This role will also collaborate with HMS security and IT to build strong network security, OS security, and cloud security programs, identify top areas of risk, shape mitigation strategies, and have a major part in the security architecture. As you identify threats and opportunities, you will define appropriate risk reduction strategies and technologies and work cross-functionally to implement the appropriate security controls and strategies you define. This position will require a hands-on security leader who enjoys staying connected to technical controls and security tools.


Key responsibilities include the following:

  • Work with our IT platform, cloud, and infrastructure teams to identify new detection opportunities and build out the signal collection to support it.
  • Build and manage a right-sized Security Operation Center for HMS and HSDM.
  • Form repeatable processes for prioritizing and responding to alerts and developing playbooks.
  • Review organizational requirements for security systems and collaborate with other engineers and developers to decide on an overall technical approach.
  • Work with products and concepts in the Endpoint and Server protection space such as: Exploit mitigation, Attack surface reduction, Anti-virus/malware, EDR, and DLP.
  • Ensure the delivery of Network Security solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements.
  • As a primary point of contact for security incident response, monitor progress and enforce resolution of outstanding issues that may indicate or lead to security.
  • Ensure the proper implementation and use of SIEM (Splunk or other) and proper alerts/correlations.
  • Continuous monitoring, detection, and response.

Basic Qualifications

  • Minimum of seven years’ post-secondary education or relevant work experience
  • Supervisory experience

Additional Qualifications and Skills

  • BA or BS in Computer Science, Information Management, preferred
  • Eight or more years of progressive experience in the information security field, in a complex or decentralized IT environment.
  • Excellent written and verbal communication skills and the ability to translate security objectives to cross-functional partners.
  • Ability to understand business needs and develop solutions.
  • Must be able to work in a collaborative team environment.
  • Ability to multi-task and work cooperatively with a diverse range of people. Must have strong interpersonal skills.
  • Solid understanding of enterprise security principles and best practices
  • Working knowledge of endpoint/server security and network security
  • Experience in building or managing a Security Operations Center
  • Experience with Splunk, Elastic, or other products as a SIEM
  • Track record of implementing and deploying enterprise level security solutions
  • Track record of maturing security capabilities to proactively identify security threats and develop detections
  • Experience with CASB
  • Experience with Secure Enclaves
  • Experience with ensuring effective signal/log correlations and alerts
  • Experience responding to incidents to drive containment and remediation
  • Proficient in many, with deep expertise in several, cybersecurity technologies, IT concepts, strategies, and methodologies, as well as security aspects of multiple platforms, operating systems, software, communications, and network protocols
  • Understanding of the mechanics of OS exploits, and methods for preventing and/or detecting OS exploits as well as tactics, techniques, and procedures (TTPs) used by threat actors against endpoints
  • Experience using data to inform decisions and familiarity with quantified risk

Certificates and Licenses

  • Completion of Harvard IT Academy Information Security Foundations course (or external equivalent) preferred
  • IT Security Certification preferred; e.g., CISSP, CISA/CISM, and/or GIAC

Additional Information

This position is based in Boston; some in-person, on-campus work will be required, and flexible/remote work is an option. Any remote work must be performed in a state in which Harvard is registered to do business (CA*, CT, GA, IL, MA, MD, ME, NH, NJ, NY, RI, VA, VT, and WA). Individual flexible and remote work options for this role will be discussed during the interview process. *Note: Harvard employees working in California must be exempt.

Harvard University continues to place the highest priority on the health, safety, and well-being of its faculty, staff, and students, as well as the wider community. Please note that all new employees will be required to complete an attestation of having received their primary series COVID-19 vaccination prior to hire, as detailed on our COVID-19 Vaccine Requirement Webpage. Individuals may request exemption from the vaccine requirement for medical or religious reasons prior to completing the hiring process. Additional information regarding this requirement, exemptions, verification of vaccination status, and other related policies and resources may be found on the University’s COVID-19 Information Website.

Please note that we are currently conducting a majority of interviews and onboarding remotely and virtually. We appreciate your understanding.

The Harvard Medical School is not able to provide visa sponsorship for this position.

Not ready to apply? Join our talent community to keep in touch and learn about future opportunities!

Benefits

We invite you to visit Harvard’s Total Rewards website to learn more about our outstanding benefits package, which may include:
  • Paid Time Off: 3-4 weeks of accrued vacation time per year (3 weeks for support staff and 4 weeks for administrative/professional staff), 12 accrued sick days per year, 12.5 holidays plus a Winter Recess in December/January, 3 personal days per year (prorated based on date of hire), and up to 12 weeks of paid leave for new parents who are primary care givers.
  • Health and Welfare: Comprehensive medical, dental, and vision benefits, disability and life insurance programs, along with voluntary benefits. Most coverage begins as of your start date.
  • Work/Life and Wellness: Child and elder/adult care resources including on campus childcare centers, Employee Assistance Program, and wellness programs related to stress management, nutrition, meditation, and more.
  • Retirement: University-funded retirement plan with contributions from 5% to 15% of eligible compensation, based on age and earnings with full vesting after 3 years of service.
  • Tuition Assistance Program: Competitive program including $40 per class at the Harvard Extension School and reduced tuition through other participating Harvard graduate schools.
  • Tuition Reimbursement: Program that provides 75% to 90% reimbursement up to $5,250 per calendar year for eligible courses taken at other accredited institutions.
  • Professional Development: Programs and classes at little or no cost, including through the Harvard Center for Workplace Development and LinkedIn Learning.
  • Commuting and Transportation: Various commuter options handled through the Parking Office, including discounted parking, half-priced public transportation passes and pre-tax transit passes, biking benefits, and more.
  • Harvard Facilities Access, Discounts and Perks: Access to Harvard athletic and fitness facilities, libraries, campus events, credit union, and more, as well as discounts to various types of services (legal, financial, etc.) and cultural and leisure activities throughout metro-Boston.

Job Function

Information Technology

Department Office Location

USA - MA - Boston

Job Code

I0460M IT Info Security Management VI

Work Format

Hybrid (partially on-site, partially remote)

Department

IT-Security

Sub-Unit

-

Time Status

Full-time

Salary Grade

060

Union

00 - Non Union, Exempt or Temporary

Pre-Employment Screening

Criminal, Education, Identity

Commitment to Equity, Diversity, Inclusion, and Belonging

We are committed to cultivating an inclusive workplace culture of faculty, staff, and students with diverse backgrounds, styles, abilities, and motivations. We appreciate and leverage the capabilities, insights, and ideas of all individuals. Harvard Medical School Mission and Community Values

EEO Statement

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation, pregnancy and pregnancy-related conditions, or any other characteristic protected by law.
