Responsible for successfully executing enterprise-wide Information Security Operational controls and processes that protect the company’s data and functions across all business areas. Adhering to data protection standards, procedures, regulatory oversight, and technical solutions for the Information Security department.
Develop and execute a comprehensive Insider Threat strategy, responsible for program development, and effective operations of all associated controls. This position will be highly engaged cross functionally, always providing high quality security solutions to detect, assess, monitor, and respond for insider threats ranging from users to assets and manage security information to keep ahead of such threats.
Leads the Vulnerability Management program as a vulnerability management SME throughout a global technology organization with various legacy and modern systems within data centers and the cloud. Develops enterprise policy and technical standards with specific regard to vulnerability management and secure configuration.
Performs all duties in accordance with the company’s policies and procedures, all state, federal, and country laws and regulations, wherein the company operates.
In accordance with regulatory and audit requirements, this position will perform analysis of systems and programs, including the cyber-security related programs and initiatives. Delivery of activity reporting, including metrics, environment impact, effectiveness progress, and performance, and risk indicators.
ResponsibilitiesDesigning and implementing an Insider Threat program leveraging technologies such Security Information Event Management - SIEM, User Behavioral Analytics - UBA, Data Loss Prevention - DLP and an understanding of the investigations and intelligence cycleOversight of Vulnerability Management Program for IT, OT and Cloud assets across the enterpriseLeadership position responsible for the independent execution and continuous improvement of the Insider Threat and Vulnerability Management programsTesting and maintaining security tooling, particularly for endpoint detection and investigationCollaborating cross-functionally with Security, IT, Human Resources, Privacy, and Legal on defining policy and investigative outcomesCreating and maintaining all documentation around insider threat and vulnerability management processes, procedures and necessary evidence for complianceDeveloping operational processes and alignment with cross functional teams Creating and documenting business process, and communicating needs inside and outside of the teamAct on improving processes and proceduresMaturing, or building new, TVM SLA & KPI tracking tools to ensure team and company complianceUtilizing threat intel and analysis tools and vendors to identify, automate, manage and prioritize continually changing threatsManage a team responsible for Monitoring, tracking, investigating, and reporting in compliance with security requirements, and works with the responsible parties to drive timely results and remediationGenerates and monitors effective and actionable Information Security reporting across all Information Security technical landscapeResearch and track current security threatsParticipates in the global distribution of the enterprise Cyber-Security Operations Security Awareness training and campaignsPractices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities pertaining to the organizationParticipate in on-call efforts on a rotational basisRequirementsStrong oral and written communication skills appropriate for consultation with all levels of managementExperience with building Insider Threat programs and associated best practices Vulnerability Management program leadership experienceExperience building and training teamsStrong problem-solving and analytical skillsExperience in collaboration amongst multiple lines of business and geographic theaters. Multi-national enterprise experienceInformation Security-based certification preferred (i.e., CompTIA, Network+/Security+, CEH, GIAC GSE, SANS Academy certs, or similar)The ability to thrive in a fast-paced, dynamic environmentThe ability to influence and drive change within teams and the organizationA self-starter with a hands-on style, high level of energy, stamina, and drive A strong team player who is proactive and driven to achieve results Organizational and time management skillsPrevious senior leadership experience working as part of an enterprise Information Security teamExperience/Education5+ years leadership experience with Insider Threat program 5+ years leadership experience in Vulnerability Management 5+ years’ experience in multiple Cybersecurity domains (i.e., Identify & Access Control, Network Security, Firewalls, Enterprise Directory Systems, Encryption, Data Loss Prevention {DLP}, Comprehensive Endpoint Protection, & Information Security Operations)3+ Incident Management, Monitor and Response experience in a Cybersecurity operation-based environment nice to haveIn-depth familiarity with enterprise workflow tools, scripting, and ability to develop and improve tool utilization, and promote process efficiencyBachelor's degree in Information Systems, Computer Science, Information Security, and/or related work experience#LI-REMOTE
The estimated base salary range for the Associate Director, Threat and Vulnerability Management - Information Security Operations - Remote role based in the United States of America is: $167,200 - $250,800. Should the level or location of the role change during the hiring process, the applicable base pay range may be updated accordingly. Compensation decisions are dependent on several factors including, but not limited to, an individual’s qualifications, location where the role is to be performed, internal equity, and alignment with market data. Additionally, all employees are eligible for one of our variable cash programs (bonus or commission) and eligible roles may receive equity as part of the compensation package. We offer a wide range of benefits as innovative as our work, including access to genomics sequencing, family planning, health/dental/vision, retirement benefits, and paid time off.At Illumina, we strive to foster a diverse and inclusive workplace by cultivating an environment in which everyone contributes to our mission. Built on a strong foundation, Illumina has always been rooted in openness, collaboration, and seeking alternative views and perspectives to propel innovation in genomics. We are proud to confirm a zero-net gap in pay, regardless of gender, ethnicity, or race. We also have several Employee Resource Groups (ERG) that deliver career development experiences, increase cultural awareness, and demonstrate our collective commitment to diversity and inclusion in the communities we live and work. We are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. If you require accommodation to complete the application or interview process, please contact accommodations@illumina.com. To learn more, visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf. The position will be posted until a final candidate is selected or the requisition has a sufficient number of qualified applicants.