Head of Security Incident Response and Threat Intel (Remote)
Working at PerkinElmer | Jobs and Careers at PerkinElmer
Boston, Massachusetts | Albany, New York | Austin, Texas | Denver, Colorado | Hartford, Connecticut | Olympia, Washington | Canada | Sacramento, California | Washington, DC | Remote
Location: Boston, Massachusetts, US | Job ID: REQ-050343
Responsibilities
- Security incident response and threat intel leader for a 5,500-person global organization operating in 40 countries.
- Build a security incident response and threat intel team that will enable the protection of PerkinElmer's business across corporate and product security within cloud, multi-cloud, hybrid-cloud and colocated architectures.
- Protect PerkinElmer systems, instruments, and data supporting a diverse set of enterprise and government customers.
- Incident commander for security incidents, ensuring the timely triage, response, containment, and communications around active security incidents.
- Partner with MSSPs to enable a timely and secure exit from transition services agreements (TSAs) including the design, build and run of the net new security monitoring, threat intel, and incident response cloud security technology stack.
- Partner closely with other team members within the CISO function within the areas of risk, compliance, governance and security architecture and engineering, to ensure alignment with the cross-team requirements.
- Partner with the Head of Security Architecture and Engineering to build and run a net new cloud security technology stack utilizing best of breed and cloud native security technologies across 35+ required security areas.
- Collaborate with business stakeholders across PerkinElmer including, but not limited to, R&D, Quality Management, and Operations.
- Security Monitoring:
  - The design and operation of a well-tuned, actionable security alerting and monitoring flow leveraging threat intel, IOCs, and automation
  - Monitoring across cloud, multi-cloud, hybrid-cloud, operational technology (OT) and on-prem
  - Alignment to MITRE ATT&CK or other frameworks
  - Partner closely with the MSSP for L1, L2, L3 triage and response as needed
- Incident Response:
  - Triage, analyze, respond to, and contain active threats
  - Provide cross-business incident response leadership and collaboration
  - Tailor response escalation based upon type of incident and level of risk to the business, customers or regulatory standing (compromise vs. unauthorized access vs. data exposure vs. data breach).
  - Provide regular updates to the CISO for executive leadership review based upon incident severity
  - Coordinate with third-party IR forensics and legal firms in the event of a significant breach
  - Coordinate with Legal, Sales, and Marketing for external-facing security incident communications.
- Threat Intel & Hunting:
  - Curation, monitoring, and integration of threat intelligence into the security tool chain
  - Partner with internal and external staff for threat hunting and penetration testing activities
- Vulnerability Management:
  - Respond to 0-day vulnerabilities with the security architecture and engineering team
  - ‘Shift left’ mentality to reduce vulnerabilities
  - Expertise in protecting against the OWASP Top 10
  - Ability to detect vulnerabilities and partner with DevOps on timely remediation based on SLAs
  - Support third-party penetration testing
- Consider cloud, hybrid-cloud, multi-cloud, and on-prem technologies in the design and implementation of the security monitoring and response technology stack and staffing models
- Security log ingestion architecture into SIEM, SOAR, and UEBA
- Email & Ransomware Protections:
  - Focus on ensuring PerkinElmer is protected from email-based and ransomware attacks
  - Monitor emerging ransomware and phishing threats, and implement mitigations in response to those threats as needed
  - Partner with security architecture and engineering to implement security strategies, configurations, and technology to protect against ransomware
- Endpoint Security:
  - Collaborate with IT on mobile device management (MDM), including critical security controls such as admin access management, encryption, patching, and remote wipe.
  - Perform endpoint forensics as needed in the event of compromise
- Provide support for security related requests for third-party audits
- Provide quarterly metrics to the CISO on the security posture of PerkinElmer, for the CEO and BOD
- Manage security vendors, budget, and contract renewals in partnering with procurement and finance
- Lead the development, maintenance and review of information security policies and procedures
- Development and implementation of incident response plans, CAPA process, and detailed runbooks
- Work cross-functionally with the quality management team in support of pharmaceutical and regulatory security requirements
- Mentor and coach junior team members
- Support information security awareness activities
Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities of this job at any time
- Bachelor’s degree in Computer Science, Information Systems, or related field
- 10+ years' experience in security incident response and threat intel
- Experience in leading security efforts for a cloud transformation for a medium to large enterprise organization
- Experience with cloud, multi-cloud, hybrid-cloud, and on-prem technology architectures
- AWS and Azure Cloud IaaS expertise
- Technical expertise in implementing/configuring and running a SIEM, SOAR, UEBA, Security Analytics, EDR/MDR
- English language proficiency
- CISSP, CISM or similar certifications preferred.
- Position is fully remote, with preference for candidates in North America, Europe, and Boston, Massachusetts and surrounding areas.
- Potential Travel 10%
- Strong written and verbal communication skills and presentation skills
- Leadership, teamwork and client service skills
- Comfortable at the command line, but not required for job function
- Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
- Demonstrated integrity within a professional environment
Technology Expertise Preferred
- Amazon Web Services (AWS) and Microsoft Azure
- Operating Systems: Windows & Linux
- Zero Trust Network: Zscaler, Palo Alto
- IdP, SSO, MFA – Microsoft, Okta
- IGA – SailPoint, Saviynt
- PAM – BeyondTrust, Saviynt, CyberArk
- MDM – Intune, Jamf, Workspace ONE
- EDR – SentinelOne, CrowdStrike, Microsoft Defender
- MDR – SentinelOne, CrowdStrike, Microsoft Defender, Expel, ReliaQuest
- SIEM – Splunk, Exabeam, LogRhythm
- Log Management – ELK, Data lake as a Service
- Containers – Kubernetes, Docker
- Vulnerability Management – Wiz, Nessus, Qualys, Veracode, Orca, Synack
- Secrets Management – HashiCorp, CyberArk, BeyondTrust, Bitwarden
- ServiceNow
- Atlassian Suite – Jira & Confluence
- Operational Technology (OT) security experience at a global manufacturing company
- Defending against nation state threat actors
- Past United States Security Clearance
- Experience preferred in applying relevant technical knowledge in at least four of the following audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP, SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
- Ability to script in languages such as Python, shell, Ruby, Perl
- Corporate IT / help desk experience
- Master’s degree
- Must be able to remain in a stationary position more than 25% of the time.
- Specific vision abilities required by this position include without limitation, the ability to observe details at close range (within a few feet of the instrument), distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus in order to perform the essential service functions of this position.
- Occasionally operates a computer and other office machinery, such as a calculator, copy machine, and computer printer.
About Working at PerkinElmer
Backed by an 80-year history rich in innovation, PerkinElmer is a long-time leader and pioneer in the scientific community. We hire talented, committed and driven people and strive to create a work environment that brings out the entrepreneur in all of us. PerkinElmer has over 5500 employees across 40+ countries.
Benefit packages include: Medical, Dental and Vision; Health Savings Accounts, Flexible Spending Accounts, Health and Wellness Programs and Incentives; Employer Matching 401(k); Tuition Reimbursement; Professional Development; Maternity and Paternity Leave; Paid Holidays and Personal Time Off; Life and Disability Insurance; and Work/Life Balance.
PerkinElmer is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, or veteran status or any other characteristics protected by applicable law. PerkinElmer is committed to a culturally diverse workforce.