Job description
Position Description
Reporting to the Harvard Medical School (HMS) CISO, the Director of Security Operations and Cyber Defense will design, build, and manage an enterprise-level security operations center (SOC) and program. This role will also collaborate with HMS security and IT to build strong network security, OS security, and cloud security programs, identify top areas of risk, shape mitigation strategies, and have a major part in the security architecture. As you identify threats and opportunities, you will define appropriate risk reduction strategies and technologies and work cross-functionally to implement the appropriate security controls and strategies you define. This position will require a hands-on security leader who enjoys staying connected to technical controls and security tools.
Key responsibilities include the following:
- Work with our IT platform, cloud, and infrastructure teams to identify new detection opportunities and build out the signal collection to support it.
- Build and manage a right-sized Security Operation Center for HMS and HSDM.
- Form repeatable processes for prioritizing and responding to alerts and developing playbooks.
- Review organizational requirements for security systems and collaborate with other engineers and developers to decide on an overall technical approach.
- Work with products and concepts in the Endpoint and Server protection space such as: Exploit mitigation, Attack surface reduction, Anti-virus/malware, EDR, and DLP.
- Ensure the delivery of Network Security solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements.
- As a primary point of contact for security incident response, monitor progress and enforces resolution of outstanding issues that may indicate or lead to security.
- Ensure the proper implementation and use of SIEM (Splunk or other) and proper alerts/correlations.
- Continuous monitoring, detection, and response.
Basic Qualifications
- Minimum of seven years’ post-secondary education or relevant work experience
- Supervisory experience
Additional Qualifications and Skills
- BA or BS in Computer Science, Information Management, preferred
- Eight or more years of progressive experience in the information security field, in a complex or decentralized IT environment.
- Excellent written and verbal communication skills and can translate security objectives to cross-functional partners.
- Ability to understand business needs and develop solutions.
- Must be able to work in a collaborative team environment.
- Ability to multi-task and work cooperatively with a diverse range of people. Must have strong interpersonal skills.
- Solid understanding of enterprise security principles and best practices
- Working knowledge of endpoint/server security and network security
- Experience in building or managing a Security Operations Center
- Experience with Splunk, Elastic, or other products as a SIEM
- Track record of implementing and deploying enterprise level security solutions
- Track record of maturing security capabilities to proactively identify security threats and develop detections
- Experience with CASB
- Experience with Secure Enclaves
- Experience with ensuring effective signal/log correlations and alerts
- Experience responding to incidents to drive containment and remediation
- Proficient in many with deep expertise in several cybersecurity technologies, IT concepts, strategies, and methodologies, as well as security aspects of multiple platforms, operating systems, software, communications, and network protocols
- Understanding of the mechanics of OS exploits, and methods for preventing and/or detecting OS exploits as well as tactics, techniques, and procedures (TTPs) used by threat actors against endpoints
- Experience using data to inform decisions and familiarity with quantified risk
Certificates and Licenses
- Completion of Harvard IT Academy Information Security Foundations course (or external equivalent) preferred
- IT Security Certification preferred; e.g., CISSP, CISA/CISM, and/or GIAC
Additional Information
Harvard University continues to place the highest priority on the health, safety, and well-being of its faculty, staff, and students, as well as the wider community. Please note that all new employees will be required to complete an attestation of having received their primary series COVID-19 vaccination prior to hire, as detailed on our COVID-19 Vaccine Requirement Webpage. Individuals may request exemption from the vaccine requirement for medical or religious reasons prior to completing the hiring process. Additional information regarding this requirement, exemptions, verification of vaccination status, and other related policies and resources may be found on the University’s COVID-19 Information Website.
Please note that we are currently conducting a majority of interviews and onboarding remotely and virtually. We appreciate your understanding.
The Harvard Medical School is not able to provide visa sponsorship for this position.
Not ready to apply? Join our talent community to keep in touch and learn about future opportunities!
Benefits
- Paid Time Off: 3-4 weeks of accrued vacation time per year (3 weeks for support staff and 4 weeks for administrative/professional staff), 12 accrued sick days per year, 12.5 holidays plus a Winter Recess in December/January, 3 personal days per year (prorated based on date of hire), and up to 12 weeks of paid leave for new parents who are primary care givers.
- Health and Welfare: Comprehensive medical, dental, and vision benefits, disability and life insurance programs, along with voluntary benefits. Most coverage begins as of your start date.
- Work/Life and Wellness: Child and elder/adult care resources including on campus childcare centers, Employee Assistance Program, and wellness programs related to stress management, nutrition, meditation, and more.
- Retirement: University-funded retirement plan with contributions from 5% to 15% of eligible compensation, based on age and earnings with full vesting after 3 years of service.
- Tuition Assistance Program: Competitive program including $40 per class at the Harvard Extension School and reduced tuition through other participating Harvard graduate schools.
- Tuition Reimbursement: Program that provides 75% to 90% reimbursement up to $5,250 per calendar year for eligible courses taken at other accredited institutions.
- Professional Development: Programs and classes at little or no cost, including through the Harvard Center for Workplace Development and LinkedIn Learning.
- Commuting and Transportation: Various commuter options handled through the Parking Office, including discounted parking, half-priced public transportation passes and pre-tax transit passes, biking benefits, and more.
- Harvard Facilities Access, Discounts and Perks: Access to Harvard athletic and fitness facilities, libraries, campus events, credit union, and more, as well as discounts to various types of services (legal, financial, etc.) and cultural and leisure activities throughout metro-Boston.
Job Function
Department Office Location
Job Code
Work Format
Department
Sub-Unit
Time Status
Salary Grade
Union
Pre-Employment Screening
Commitment to Equity, Diversity, Inclusion, and Belonging
EEO Statement
jjbodyshop.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jjbodyshop.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jjbodyshop.com is the ideal place to find your next job.