Cyber Threat Intelligence & Response, Senior Director
CVS Health Corporation
Woonsocket, RI, United States
Job Details
Position Summary
The Senior Director of Cyber Threat Intelligence and Response is accountable and responsible for all aspects of the program for cyber threat intelligence and response. As the Senior Director of Cyber Threat Intelligence, you will lead the cyber security incident response process and advanced functions related to malware analysis, computer intrusion, theft of information and denial of service, as well as lead the development and maintenance of the security monitoring and incident response strategy.
In addition, you will develop plans that align with the strategy, and track progress against plan, develop and/or refine security monitoring and incident response processes and procedures, lead the integration of incident response processes with enterprise wide disaster and crisis management processes and provide requirements for dashboards or platform-specific consoles, repositories, and/or third party security services.
Additional responsibilities include:
• Implement instrumentation oversight of security tools and security monitoring of systems operated by the company.
• Define security configuration for monitoring tools, including alerts, correlation rules, and reporting.
• Provide situational awareness to appropriate personnel through clear and concise communications.
• Establish and maintain appropriate threat-intelligence sharing protocols with stakeholder entities.
• Ensure cybersecurity incidents and internal cases are properly identified, characterized, and resolved in an efficient and effective manner.
• Oversee the quality of investigatory reports and casework to make sure that proper forensic techniques, chain of custody, and privacy regulations are followed.
• Provide leadership, mentoring, and guidance to Cyber Threat Intelligence and Response personnel.
• Incorporate intelligence provided by partner teams to conduct proactive and reactive operations to mitigate emerging threats.
• Work closely with internal groups such as Human Resources, Loss Prevention, Legal, and Compliance on internal cases and incident response.
• Develop and improve KPIs, metrics, and trending, and develop and refine procedures and techniques used by the team
• Respond to and assist with audits, assessments and compliance requests
• Participate and lead new projects as needed
• Serve as law-enforcement and client liaison as needed on matters pertaining to Security Operations
Required Qualifications
-Minimum 12 years of relevant professional experience directly related to information security operations management, security monitoring, and incident response, cyber or computer network defense
-Experience in managing an enterprise security operations program
-Understanding of network, desktop, and server technologies, including network
Experience with intrusion methods, network containment, segregation techniques, firewall configuration, IDS/IPS, and experience with SIEM technology.
-GCIH certification or demonstrated mastery of best practices for security operations and incident response.
-EnCE certification or demonstrated mastery of forensic tools such as EnCase or FTK
-Integration work with security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations, mobile devices, etc.
-Malware analysis, virus exploitation, and mitigation techniques experience.
-Experience managing an enterprise-level incident response team.
-Experience in forensic investigatory techniques and case documentation.
-Previous experience with APT investigations, live incident response techniques and case documentation.
-Hands-on experience and possess a good understanding of several common security tools, including SIEM, IDS/IPS, DLP and WAF, as well as host and network forensics tools.
-Experience addressing advanced threats targeting large enterprises and the tools, tactics, and procedures used by those threats.
-Experience establishing well defined procedures and appropriate mitigation strategies derived from post incident analysis and lessons learned.
Preferred Qualifications
• Past participation in external Threat Intelligence and Information Sharing organizations (ISACs, ISAOs, Sector Coordinating Councils)
• Court testimony or law enforcement experience.
• Experience with Information Security in a Pharmacy Benefits Management, Specialty Pharmacy, Retail or Health Insurance environment a plus.
• GCFA certification is a plus.
• Deep understanding of regulatory and industry standards, including SOX, HIPAA, PCI-DSS and CTPAT
• Experience with Information Security in a Pharmacy Benefits Management or Retail environment a plus.
• 5+ years of experience managing a Security Operations and/or Cyber Threat Intelligence program in a highly-regulated sector, such as healthcare or financial services
• Deep understanding of regulatory and industry standards, including SOX, HIPAA, PCI-DSS, GDPR, and CTPAT
• Demonstrated ability to establish well defined procedures
• Demonstrated ability to integrate security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstation
Education
Bachelor's degree required.
Master's degree preferred.
Business Overview
CVS Health, through our unmatched breadth of service offerings, is transforming the delivery of health care services in the U.S. We are an innovative, fast-growing company guided by values that focus on teamwork, integrity and respect for our colleagues and customers. What are we looking for in our colleagues? We seek fresh ideas, new perspectives, a diversity of experiences, and a dedication to service that will help us better meet the needs of the many people and businesses that rely on us each day. As the nation’s largest pharmacy health care provider, we offer a wide range of exciting and fulfilling career opportunities across our three business units – MinuteClinic, pharmacy benefit management (PBM) and retail pharmacy. Our energetic and service-oriented colleagues work hard every day to make a positive difference in the lives of our customers.
CVS Health is an equal opportunity employer. We do not discriminate in hiring or employment against any individual on the basis of race, ethnicity, ancestry, color, religion, sex/gender (including pregnancy), national origin, sexual orientation, gender identity or expression, physical or mental disability, medical condition, age, veteran status, military status, marital status, genetic information, citizenship status, unemployment status, political affiliation, or on any other basis or characteristic prohibited by applicable federal, state or local law. CVS Health will consider qualified job candidates with criminal histories in a manner consistent with federal, state and local laws. CVS Health will not discharge or in any other manner discriminate against any Colleague or applicant for employment because such Colleague or applicant has inquired about, discussed, or disclosed the compensation of the Colleague or applicant or another Colleague or applicant. Furthermore, we comply with the laws and regulations set forth in the following EEO is the Law Poster: EEO IS THE LAW and EEO IS THE LAW SUPPLEMENT
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. If you require assistance to apply for this job, please contact us by clicking Advice and Counsel
CVS Health does not require nor expect that applicants disclose their compensation history during the application, interview, and hiring process.