The IOS Security Operations Associate Director is instrumental in managing the effectiveness of the security operations practice, including, but not limited to: monitoring, detection and mitigation of cybersecurity threats, vulnerability and threat management activities, and incident handling/triaging practices at Otsuka America Pharmaceutical, INC (OAPI). This individual should have a deep understanding of operational cybersecurity coupled with extensive hands on experience to defend against ever increasing and more sophisticated cybersecurity threats. This individual also is key to Otsuka’s security incident response and associated communications including coordination with the Information Security Officer, the CSIRT and other key stakeholders. Vendor management and security team coaching and development are other key aspects of this position.
• Establish processes to monitor, analyze, and report output from security monitoring systems.
• Coordinate and liaise with others to take necessary corrective action.
• Monitor stakeholders’ completion of compliance and risk management processes and deliverables.
• Implement operational security standards, processes, procedures, and guidelines.
• Work with other IT teams, users, and vendors on security solutions and implementation.
• Develop and conduct preparedness tests to demonstrate operational efficiencies.
• Set-up procedures and automated processes to monitor the status of computers and the network.
• Respond immediately to any detection of unusual patterns of behavior and possible threats.
• Analyze metrics to identify any trends that might indicate patterns of future risks.
• Provide regular reports and metrics for management on the company’s IT security status such as KPI’s, incident tracking reports, proposals for improvements, as well as tactical and strategic planning initiatives.
• Remain current with the latest cyber security technologies and threats.
• Document and communicate to all stakeholders and senior management on all cyber security related items such as incident management, problem detection, situation management, and service recovery.
• Manage security vendor relationships and ensure adequate actionable performance.
• Provide input and evaluation on security aspects of non-security related technology, e.g. software applications and tools, hardware, services, etc.
• Constant monitoring of company IT and data assets to ensure security controls are operating and functioning as intended.
• Minimum 5 years of experience in IT security operations, incident response, vulnerability assessments, and threat detection monitoring and management tools at the enterprise level. Preferably experience within a Security Operation Center.
• Minimum 2 years supervisory experience.
• Experience working with engineering teams to operationalize the protection of new systems and business applications.
• Strong security vendor management skills with proven track record of managing relationships. Preferred experience with security operations as it relates to cloud computing as well as leveraging cloud services (Managed Detection & Response, SIEM-as-a-Service, SOC-as-a-service, etc.
• Strong knowledge of various security products such as firewalls, IDS/IPS, packet analyzers, DLP and incident response tools.
• Experience monitoring for emerging threat patterns and vulnerabilities.
• Experience working the incident management lifecycle including understanding of forensic information and ability to triage security incidents.
• Experience developing and documenting protocols, procedures/runbooks for the security of the IT system and company data.
• Good understanding of concepts in networking, applications, and operating system functionality; able to apply advanced concepts such as application manipulation, exploit development, and stealth operations.
• Experience analyzing and assessing threat vectors.
• Proven ability to analyze root causes of issues.
• Experience with any of the following technologies a plus
o Cylance Protect
o Office 365 (Security & Compliance)
o Microsoft Cloud App Security
o Microsoft Advanced Threat Analytics
o Microsoft Azure Operations Management Suite, Log Analytics
o ZScaler Internet Access, Private Access
• Bachelor's in Computer Science, Information Technology, Information Systems, Networking, or other related fields, or equivalent work experience, including military education and experience.
• Relevant IT security certifications in information security, control and governance, and digital forensics such as CISSP, CEH, OCSP, GICSP, or CISM.
• Preferred certifications in ITIL (Information Technology Infrastructure Library).
• Afterhours or weekend work as needed
• Approximately 20% travel as required
Rockville, Maryland or Princeton, New Jersey
Otsuka Pharmaceutical Company is a global healthcare company with the corporate philosophy: “Otsuka-people creating new products for better health worldwide.” Otsuka researches, develops, manufactures and markets innovative products, with a focus on pharmaceutical products to meet unmet medical needs and nutraceutical products for the maintenance of everyday health.
In pharmaceuticals, Otsuka is a leader in the challenging area of mental health and also has research programs on several under-addressed diseases including tuberculosis, a significant global public health issue. These commitments illustrate how Otsuka is a “big venture” company at heart, applying a youthful spirit of creativity in everything it does.
Otsuka Pharmaceutical Company is a subsidiary of Otsuka Holdings Co., Ltd. headquartered in Tokyo, Japan. The Otsuka group of companies employed 45,000 people worldwide and had consolidated sales of approximately USD 11 billion (€ 9.9 billion) in 2016.
All Otsuka stories start by taking the road less travelled. Learn more about Otsuka Pharmaceutical Company on its global website at www.otsuka.co.jp/en. Learn more about Otsuka in the U.S. at www.otsuka-us.com.
Disclaimer: This job description is intended to describe the general nature and level of the work being performed by the people assigned to this position. It is not intended to include every job duty and responsibility specific to the position. Otsuka reserves the right to amend and change responsibilities to meet business and organizational needs as necessary. Otsuka is an equal opportunity employer. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to their protected veteran or disabled status, or any protected status.