isecjobs.com

Incident Response Lead – IT, Cybersecurity Fusion Center

US - NC - Raleigh, Estados Unidos

Full Time Senior-level / Expert USD 146K - 189K
Company logo

Gilead Sciences

Gilead Sciences, a biopharma company, achieves bold ambitions to help make the world a healthier place, leading in HIV, liver disease, cancer & inflammation.

View all jobs at Gilead Sciences

Apply now Apply later

At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
 

Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.
 

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Job Description
 

POSITION SUMMARY

As a Cyber Security Incident Response Lead, you will be at the forefront of our organization's defense against Cyber threats. This hands-on technical role requires a seasoned Cybersecurity professional with extensive experience in Threat detection & Incident response, a strategic mindset, and the ability to guide and mentor other response teams. Your core role will be to orchestrate the response to complex cybersecurity incidents, ensuring effective mitigation strategies, and contributing to the enhancement of our overall cyber resilience. A key responsibility is to continually assess security monitoring effectiveness and to make recommendations to improve Cyber Security Incident Response capabilities. This position reports to the Director of Cyber Fusion Center (Global Cyber Security Operations) and works closely with key stakeholders in incident response roles company wide.

ESSENTIAL JOB FUNCTIONS

  • Extensive knowledge and experience in handling Cyber Security threats and Incident response activities including Detection, Triage, Investigation, Remediation and Recovery from security issues.
  • Extensive experience as Security Incident commander, leading security investigations while liaising with IT Operations, legal, and business teams through security incidents
  • Extensive experience with designing, implementing, and optimizing a Security Incident Response process
  • Extensive experience with designing and implementing SOC and IR technologies including SIEM, EDR, UEBA, among other capabilities
  • Monitor security events to detect threats and analyze situations in context to detect advanced threats.
    • Alerts analysis
    • Investigate Incidents
    • Analyze Malware
  • Develop Security Operations Center detection tools, rules and intelligence to improve detection & investigation efficiency of the Center.
  • Assess new technologies, tests them in a lab environment and proposes them for SOC improvement.
  • Operate Security Operations Center devices to ensure high availability and security.
  • Maintain and operate SOC network, systems, workstations and other technical components.
  • On-call availability outside business hours.

REQUIRED SKILLS & JOB QUALIFICATIONS

  • Minimum 8+ years of IT experience with progressive responsibilities, and with at least 5 years of Cyber Security experience.
  • Security professional with a strong technical background in Cyber Security, Windows / Linux, Network Security, Security Operations Center (SOC), Cloud Security (AWS, Azure), MITRE ATT&CK or similar frameworks, Threat Analysis, IT Operations and Incident response
  • Strong verbal and written communication skills with the ability to adapt information delivery based on the target audience.
  • Ability to create or review procedures for protection of systems and applications.
  • Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification and accreditation.
  • Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
  • Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach.
  • Experience with security tools and platforms including SIEM, IPS/IDS, Endpoint and Server protection, Network protection, Firewalls, etc.
  • Extensive experience in Cyber threat and vulnerability analysis and remediation.
  • Forensic examination and data preservation.
  • Significant experience doing internal and external penetration testing (red / blue / purple team experience)
  • Very strong security awareness and knowledge.
  • Strong understanding of key infrastructure systems (Active Directory, Windows/Linux, Databases, Cloud systems)
  • Ability to multitask and manage multiple topics and demands concurrently.
  • Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management.
  • Prior working experience in a Pharmaceutical company is a plus.
  • Performs other duties as assigned.

Preferred Skills:

Proficiency in digital forensics, malware analysis, and threat hunting.

Experience with threat intelligence platforms and attack frameworks.

Familiarity with Cloud security threat detection and monitoring best practices.

EDUCATION & CERTIFICATION

  • High School Degree and Twelve Years Experience OR Associate's Degree and Ten Years Experience OR Bachelor's Degree and Eight Years Experience OR Master's Degree and Six Years Experience OR PhD
  • Information Security Certification (CISSP, GSEC, GPEN, CEH, etc.) or other related security certification is highly desired.
  • Microsoft, AWS, Linux, Unix, and Cisco certifications would be an asset

Gilead Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)


 

The salary range for this position is: $146,200.00 - $189,200.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans*.

For additional benefits information, visit:

https://www.gilead.com/careers/compensation-benefits-and-wellbeing

* Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.


For jobs in the United States:

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.
 

For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster.

NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT

PAY TRANSPARENCY NONDISCRIMINATION PROVISION

Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.


For Current Gilead Employees and Contractors:

Please apply via the Internal Career Opportunities portal in Workday.

Apply now Apply later
Job stats:  0  0  0
Categories: Incident Response Jobs Leadership Jobs

Tags: Active Directory AWS Azure CEH CISSP Cloud EDR Firewalls Forensics GPEN GSEC IDS Incident response IPS ITIL Linux Malware MITRE ATT&CK Monitoring Network security Pentesting PhD Polygraph SIEM SOC Threat detection Threat intelligence UNIX Windows

Perks/benefits: Career development Health care Insurance Medical leave Salary bonus Team events Transparency

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Officer jobsSenior Security Analyst jobsInformation System Security Officer jobsSenior Cybersecurity Engineer jobsSystems Engineer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSystems Administrator jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsSecurity Consultant jobsSecurity Specialist jobsIT Security Analyst jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsSenior Information Security Engineer jobsSenior Product Security Engineer jobsStaff Security Engineer jobs
GDPR jobsSaaS jobsEncryption jobsTop Secret jobsEDR jobsSplunk jobsSQL jobsBash jobsMalware jobsThreat detection jobsFinance jobsIDS jobsSDLC jobsRMF jobsForensics jobsIPS jobsTerraform jobsDocker jobsIntrusion detection jobsITIL jobsCompTIA jobsActive Directory jobsDoDD 8570 jobsOWASP jobsSOC 2 jobs
CRISC jobsGIAC jobsUNIX jobsSAP jobsAnsible jobsHIPAA jobsSANS jobsOSCP jobsTCP/IP jobsBanking jobsVPN jobsCCSP jobsJira jobsMITRE ATT&CK jobsClearance Required jobsJavaScript jobsIT infrastructure jobsSOX jobsSOAR jobsIndustrial jobsMachine Learning jobsData Analytics jobsVMware jobsPolygraph jobsDNS jobs