AD, Cybersecurity

Lantheus is headquartered in Bedford, Massachusetts with offices in Canada, and Sweden.  For more than 60 years, Lantheus has been instrumental in pioneering the field of medical imaging and has helped physicians enhance patient care with its broad product portfolio. 

Lantheus is an entrepreneurial, agile, growing organization that provides innovative diagnostics, targeted therapeutics, and artificial intelligence (AI) solutions that empower clinicians to find, fight and follow disease.  At Lantheus our purpose and values guide our behaviors in all interactions and play a vital role in creating a dynamic environment that contributes to our success.  Every employee is crucial to our success; we respect one another and act as one knowing that someone’s health is in our hands.  We believe in helping people be their best and are seeking to bring together a diverse group of individuals with different viewpoints and skill sets to be a part of a productive and inclusive team. 

This position is site-based and requires a presence on-site three days per week. 

Summary

The Associate Director, Cybersecurity Operations is responsible for developing the strategy, vision, and execution of the Security Operations team responsibilities. This role is accountable for the key security operations areas, including but not limited to, incident response, security monitoring, threat management, host security and vulnerability management.

This role will report directly to the Chief Information Security Officer and manage the relationships with key IT stakeholders across the organization to provide efficient and consistent security operations services.

Key Responsibilities

· Oversee and manage the Security Operations Center (SOC), and lead staff to proactively manage the detection, prevention, response, and remediation of security incidents

· Oversee the planning, budgeting and directing of all Security Operations activities across the team

· Define, oversee, and manage the governance of the functions of the Security Operations team so as to ensure data security and regulatory compliance, including the identification and management of multiple security, risk, and performance metrics

· Manage the Information Security Operations staff, including resourcing, mentoring, and career development

· Advise Lantheus business units on mobile device security and endpoint security directives and actions

· Take lead in performing security testing of applications, networks and infrastructures, including vulnerability assessments, penetration testing and manual testing techniques

· Contribute to and coordinate audit management efforts with internal and external auditors

· Contribute to the development of standards, procedures, and guidelines for security monitoring

· Drive continuous performance improvements in incident response and mitigation of threats and vulnerabilities

· Identify opportunities for enhanced coverage of threat intelligence and security monitoring; recommend and implement solutions

Minimum Requirements:

· Bachelor’s or Master’s degree in a relevant field of work or equivalent combination of education and work experience

· 7+ years of experience in cybersecurity and with a minimum of 3 years direct experience in information security operations, including SIEM, IDS/IPS, network security, email security, patching and lifecycle management, endpoint security, and incident response

· 3+ years Management/leadership experience; managing people, projects, budgets, and processes; CISSP preferred, but not required

· Understanding and technical knowledge of Security Operations concepts, including but not limited to, incident response, forensics, data loss prevention, security monitoring, threat management, host security and vulnerability management

· Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST, SANS, etc.

· Ability to design and evaluate processes to build security functions and review processes for ongoing improvement

· Ability to development information security operations operating plans consistent with the strategy and vision of Lantheus

· Excellent oral and written communication skills

· Experience in the management and/or implementation of security monitoring, anti-malware, data loss prevention and vulnerability management technologies

· Certification and experience in SCADA security and/or laboratory/equipment security a plus

· Advanced education/certification in SDLC and/or Application Security a plus

· Experience in security programs in the healthcare and/or life sciences is a plus

· Expertise in Cloud Security Domains is a plus; CCSP certification is a strong plus

· Cloud Concepts, Architecture, and Design

· Cloud Data Security

· Cloud Platform and Infrastructure Security

· Cloud Application Security

· Cloud Security Operations

Core Values

The ideal candidate will embody Lantheus core values:

• Let people be their best
• Respect one another and act as one
• Learn, adapt, and win
• Know someone’s health is in our hands
• Own the solution and make it happen

Lantheus is an equal opportunity employer that provides a workplace free from discrimination. All qualified applicants and employees are considered without regard to race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any other characteristic protected by law.

Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should make a request to the Lantheus Talent Acquisition team at talentacquisition@lantheus.com.