Associate Director, Threat and Vulnerability Management - Information Security Operations - Remote

What if the work you did every day could impact the lives of people you know? Or all of humanity?

At Illumina, we are expanding access to genomic technology to realize health equity for billions of people around the world. Our efforts enable life-changing discoveries that are transforming human health through the early detection and diagnosis of diseases and new treatment options for patients.

Working at Illumina means being part of something bigger than yourself. Every person, in every role, has the opportunity to make a difference. Surrounded by extraordinary people, inspiring leaders, and world changing projects, you will do more and become more than you ever thought possible.

Position Summary

Responsible for successfully executing enterprise-wide Information Security Operational controls and processes that protect the company’s data and functions across all business areas.  Adhering to data protection standards, procedures, regulatory oversight, and technical solutions for the Information Security department. 

Develop and execute a comprehensive Insider Threat strategy, responsible for program development, and effective operations of all associated controls. This position will be highly engaged cross functionally, always providing high quality security solutions to detect, assess, monitor, and respond for insider threats ranging from users to assets and manage security information to keep ahead of such threats.

Leads the Vulnerability Management program as a vulnerability management SME throughout a global technology organization with various legacy and modern systems within data centers and the cloud. Develops enterprise policy and technical standards with specific regard to vulnerability management and secure configuration.

Performs all duties in accordance with the company’s policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.

In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives.  Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.

Responsibilities

• Designing and implementing an Insider Threat program leveraging technologies such Security Information Event Management - SIEM, User Behavioral Analytics - UBA, Data Loss Prevention - DLP and an understanding of the investigations and intelligence cycle
• Oversight of Vulnerability Management Program for IT, OT and Cloud assets across the enterprise
• Leadership position responsible for the independent execution and continuous improvement of the Insider Threat and Vulnerability Management programs
• Testing and maintaining security tooling, particularly for endpoint detection and investigation
• Collaborating cross-functionally with Security, IT, Human Resources, Privacy, and Legal on defining policy and investigative outcomes
• Creating and maintaining all documentation around insider threat and vulnerability management processes, procedures and necessary evidence for compliance
• Developing operational processes and alignment with cross functional teams
• Creating and documenting business process, and communicating needs inside and outside of the team
• Act on improving processes and procedures
• Maturing, or building new, TVM SLA & KPI tracking tools to ensure team and company compliance
• Utilizing threat intel and analysis tools and vendors to identify, automate, manage and prioritize continually changing threats
• Manage a team responsible for Monitoring, tracking, investigating, and reporting in compliance with security requirements, and works with the responsible parties to drive timely results and remediation
• Generates and monitors effective and actionable Information Security reporting across all Information Security technical landscape
• Research and track current security threats
• Participates in the global distribution of the enterprise Cyber-Security Operations Security Awareness training and campaigns
• Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
• Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organization
• Participate in on-call efforts on a rotational basis

Requirements

• Strong oral and written communication skills appropriate for consultation with all levels of management
• Experience with building Insider Threat programs and associated best practices
• Vulnerability Management program leadership experience
• Experience building and training teams
• Strong problem-solving and analytical skills
• Experience in collaboration amongst multiple lines of business and geographic theaters. Multi-national enterprise experience
• Information Security-based certification preferred (i.e., CompTIA, Network+/Security+, CEH, GIAC GSE, SANS Academy certs, or similar)
• The ability to thrive in a fast-paced, dynamic environment
• The ability to influence and drive change within teams and the organization
• A self-starter with a hands-on style, high level of energy, stamina, and drive 
• A strong team player who is proactive and driven to achieve results 
• Organizational and time management skills
• Previous senior leadership experience working as part of an enterprise Information Security team

Experience/Education

• 5+ years leadership experience with Insider Threat program
• 5+ years leadership experience in Vulnerability Management
• 5+ years’ experience in multiple Cybersecurity domains (i.e., Identify & Access Control, Network Security, Firewalls, Enterprise Directory Systems, Encryption, Data Loss Prevention {DLP}, Comprehensive Endpoint Protection, & Information Security Operations)
• 3+ Incident Management, Monitor and Response experience in a Cybersecurity operation-based environment nice to have
• In-depth familiarity with enterprise workflow tools, scripting, and ability to develop and improve tool utilization, and promote process efficiency
• Bachelor's degree in Information Systems, Computer Science, Information Security, and/or related work experience

#LI-REMOTE

The estimated base salary range for the Associate Director, Threat and Vulnerability Management - Information Security Operations - Remote role based in the United States of America is: $167,200 - $250,800. Should the level or location of the role change during the hiring process, the applicable base pay range may be updated accordingly. Compensation decisions are dependent on several factors including, but not limited to, an individual’s qualifications, location where the role is to be performed, internal equity, and alignment with market data. Additionally, all employees are eligible for one of our variable cash programs (bonus or commission) and eligible roles may receive equity as part of the compensation package. We offer a wide range of benefits as innovative as our work, including access to genomics sequencing, family planning, health/dental/vision, retirement benefits, and paid time off.

At Illumina, we strive to foster a diverse and inclusive workplace by cultivating an environment in which everyone contributes to our mission. Built on a strong foundation, Illumina has always been rooted in openness, collaboration, and seeking alternative views and perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay, regardless of gender, ethnicity, or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences, increase cultural awareness, and demonstrate our collective commitment to diversity and inclusion in the communities we live and work. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. If you require accommodation to complete the application or interview process, please contact accommodations@illumina.com. To learn more, visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf. The position will be posted until a final candidate is selected or the requisition has a sufficient number of qualified applicants.