Associate Director, Information Security

Job Purpose:

The Associate Director will be responsible for the Parexel's strategic vision and operational day to day of the Threat and Cyber Incident Response Programs, building a collaborative team, threat hunting, read teaming and focusing on automation and orchestration to detect and respond to threat.

Key Accountabilities: Lead technical investigations of cyber incidents to identify root causes to contain and recover form incidents. Coordinate and facilitates cyber incident management activities and escalation to leadership team Act as the technical subject matter expert for IR related topics during incidents and lead the technical incident response team Focus on enriching events to enable automation and orchestration Design and execute strategic and tactical threat hunts based on threat intelligence Increase visibility, better tool integration, and faster response to detect security threat Oversee and mature the threat management program and develop red team Perform simulated attacks on systems to identify protective and detective gaps in cyber function Orchestrate the design and execution of threat and risk driven read team exercises Stay abreast of current cyber threats, tools, events, vendors and propose enhancements to our security posture where appropriate Provide digital forensics & eDiscovery support Evaluate and recommend new information security technologies and countermeasures against threats to information or privacy QualificationsSkills: Extensive hands-on knowledge and experience with SIEM technologies, forensic tools, SOAR, and incident management tools Strong knowledge with commercial or open-source offensive security tools for reconnaissance, scanning, exploitation, and post-exploitation (e.g. Nmap, Metasploit, Burb Suite, etc.) Understanding of APTs, attributing TTPs, and Cyber-attacks Experience with reverse engineering, machine learning, SOAR and other technologies to detect suspicious and malicious cyber behavior and stop sophisticated threat actors and cyber attacks Extensive knowledge of security tools, Anti-Malware, Advanced Threat Protection Solutions, IPS, IDS, and End Point security Ability to lead a highly skill technical team Experience in large, geographically diverse enterprise networks Solid understanding of MITRE ATT&CK Framework Strong attention to detail in conducting analysis combined with an ability to keep accurate record and documentation in support of their work Ability to articulate and present complex penetration tests and red team exercises and results Strong, proven problem-solving skills and the ability to identify, analyze, resolve problems, and driving solutions through to completion Python scripting is a must Ability to work under pressure and meet deadlines

Knowledge and Experience : Seven years of work experience in Threat Management and Cyber Incident Response Ability to manage and lead a highly technical team Experience with leading the response to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail Deep understanding of the enterprise information security discipline, processes, concepts, and best practices Demonstrated consultative approach to driving change and deploying controls. Knowledge of technological trends and developments in the area of information security and risk management High level knowledge of firewalls, anti-virus, intrusion detection/intrusion prevention systems, virtual private networks, remote access systems, network zoning, centralized monitoring, and application scanning Knowledge of information security and risk control frameworks Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals Demonstrate ability to work effectively with a team, in a culturally diverse, matrix management environment

Experience in working in a global / multi-national and therefore complex environment

Education: BS or BA degree preferably in Computer Science or Technology related Relevant Certifications such as GCIH, GCFE, GCFA or GREM, or CISSP are considered a plus