Assoc Dir, Threat Detection & Attack Surface Management - Hybrid

BD

At BD, we seek to usher in a new era of healthcare by bringing medical products, capabilities and solutions to every corner of the world.

View company page

Job Description SummaryThe Cyber Threat Detection Operations Lead at BD is a critical role responsible for safeguarding the company’s information and data security. Reporting directly to the Cyber Fusion Center Lead, this leader will develop and align security strategies with company-wide programs, business objectives, and overall strategy. Responsible for proactively monitoring BD’s attack surface and detecting active cyber threats. This proactive monitoring of BD's attack surface enables other Security Operations teams and associated stakeholders to drive remediation of identified risks. This leader defines, develops, and implements cyber monitoring use cases in the security monitoring solutions, maintain visibility of BD's monitored attack surface, and engage in and support advanced security research and investigation activities.Job Description We are the makers of possible
BD is one of the largest global medical technology companies in the world. Advancing the world of health is our Purpose, and it’s no small feat. It takes the imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find transformative solutions that turn dreams into possibilities.
We believe that the human element, across our global teams, is what allows us to continually evolve. Join us and discover an environment in which you’ll be supported to learn, grow and become your best self. Become a maker of possible with us.
Key Responsibilities:
Cyber Threat Detection Lead:
Develop and execute a comprehensive cyber threat detection strategy

Coordination with infrastructure teams in the testing, implementing, deploying, maintaining, reviewing, and administering of detection and monitoring infrastructure.

Develop content for monitoring infrastructure (SIEM , Netflow, etc.). This includes Uses Cases, Dashboards, Reports, Rules, Filters, and Trends. Provide optimization for data flows using aggregation, filters etc. Develop, maintain, and disseminate documentation (Playbooks, SOPs, Work Instructions) required to effectively maintain controls effectiveness and demonstrate return on investment.

Coordinate with Incident Response

(IR), Threat Detection & Response (TDR), and Threat Intelligence (TI) analysts to manage and administer the updating of rules and signatures (e.g., SIEM use cases and rules, traffic filtering, tuning, and maintenance) for monitoring of business-critical systems and applications.

Identify potential conflicts with implementation of monitoring tools within the Security Analytics area of responsibility (e.g., tool and signature testing and optimization).

Assist in identifying, prioritizing, and coordinating the monitoring of critical business infrastructure and key resources.

Communicate technical information to non-technical audiences and advise staff on Cybersecurity issues and approaches.

Attack Surface Reduction Lead:
Acts as a central point of responsibility for providing technical guidance to proactively identify and remediate vulnerabilities within the BD environment, ultimately reducing the risk of associated incidents

Development, maintenance, and strategic direction of Attack Surface Management capabilities.

The role serves as a central role responsible for providing technical guidance for reducing the risk of vulnerabilities and associated incidents by proactive identification and remediation of vulnerabilities.

Collaborate and provide business and technical expertise to CFC Analysts to optimize detection and response capabilities.

Oversees current tools and technologies being leveraged within the CDC and provides strategic guidance to continuously improve the Attack Surface Management

Interact closely with BD Security Architecture team, and Network & Infrastructure team.

Identify and assess assets that don’t need to be connected to the internet.

Disconnect unnecessary devices and systems from the internet to reduce the risk of cyberattacks.

Secure all mobile devices and enforce a strong device policy.

Address misconfigurations and vulnerabilities promptly.

Monitor for shadow IT and restrict USB usage.

Conduct regular attack surface analysis.

Implement attack surface reduction rules to prevent malware infection.

Candidate should have:
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, including:
Experience governing and modernizing:
Vulnerability management (Eg: Tenable, Qualys).
Cloud security posture management (Eg: Wiz, AWS Control Tower, OCI CloudGuard).
MDR and SIEM technologies.
Network and Cloud Access Brokers (Eg: Zscaler).

(2-3 years) Engineering:
Understanding vulnerabilities and how they are exploited.
Designing and building cyber security response capabilities.
Experience building API’s, connectors, or software that integrates security tooling.
Comfortable scripting (eg Python, Javascript, Powershell).
Familiar with Cloud identity services and Microsoft Office security services.

Preferred Certifications: CISSP, GIAC, GSEC, etc..

Excellent analytical and problem-solving skills

Proven ability to act independently and to execute with limited information and ambiguity.

Detail-oriented with the ability to promptly assess logs for accuracy as well as consistency.

Strong interpersonal skills with the ability to influence others in a positive and effective manner.

Ability to work in a team environment.

Excellent communication skills; both oral and written

For certain roles at BD, employment is contingent upon the Company’s receipt of sufficient proof that you are fully vaccinated against COVID-19. In some locations, testing for COVID-19 may be available and/or required. Consistent with BD’s Workplace Accommodations Policy, requests for accommodation will be considered pursuant to applicable law.
Why Join Us?
A career at BD means being part of a team that values your opinions and contributions and that encourages you to bring your authentic self to work. It’s also a place where we help each other be great, we do what’s right, we hold each other accountable, and learn and improve every day.
To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you’ll discover a culture in which you can learn, grow, and thrive. And find satisfaction in doing your part to make the world a better place.
To learn more about BD visithttps://bd.com/careers
Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.
PDN
Primary Work LocationUSA NJ - Franklin LakesAdditional LocationsWork Shift
Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr