Cyber Security Operations Manager
Updated: 26 Apr 2022
Offered by:Octapharma AG
Are you motivated, resilient and have a “can” do attitude towards improving cyber security?
Do you have a deep technical kledge, and can communicate with others from different backgrounds?
We are looking for someone like you who can:
- Improve and run our security operations centre and vulnerability management services with a product mindset, with an effective and positive collaboration with IT teams at multiple locations and security service providers.
- Design and continuously report business centric cyber security metrics.
- Take accountability to design or improve processes to detect, investigate and respond to security alerts and incidents, leveraging SIEM - SOAR, EDR/EPP, DLP, IDPs, etc.
- Deliver security incident response, forensics, documentation, and reporting.
- Advise, coach and work with IT infrastructure, service delivery and service desk teams on security incident management.
- Run and improve our vulnerability Management process end to end: infrastructure scanning, technical testing, security hardening, reporting findings to key stakeholders and driving remediation with a risk based approach.
- Supports continuous improvement and implementation of our information security crisis management process.
- Proactively support other ISRM team members on the design of security education training awareness program (SETA) to lessons learned and root causes identified through security incident management.
You will be reporting to the Corporate Head of Information Security and Risk Management (ISRM).
The ISRM team is accountable for the design and implementation of Octapharma’s group security strategy and program. Because we are a privately owned business, we have a long-term vision and strategy, and can run a security program which is truly focused on delivering business value.
In our team you will have opportunities for hands on work, but also delivering through others, working shoulder to shoulder with IT and business teams strengthening your business skills.
- University Degree in Information Security, IT or equivalent
- Desirable: Relevant security certifications such as from ISC2, ISACA, CREST CCTIM or CCIM, SANS and Vendor Certifications.
- 12+ years of professional work experience in IT with relevant roles such as network engineering and operations and security engineering.
- 5+ years of experience in security operations management and vulnerability management preferable in organizations which have manufacturing business operations.
- Working kledge with security protection and detection technologies such as NG Firewalls, IDPs, DER/EPP, network and host segmentation, SIEM including SOAR, and Vulnerability Scanning and Management tools.
- Experience in security monitoring, detection and response for various technologies including Operations Technologies (OT) e.g. industrial and process control systems.
- Applied kledge of common network services and kn network vulnerabilities or attack patterns and threat actor TTP’s (Techniques, Tactics & Procedures), use of MITRE ATT&CK / Kill chain / threat modelling frameworks.
- Must be able to define project/program goals and roadmaps based on business / service customer needs and strategic direction and ensure that committed projects are delivered on schedule by the relevant team members.
- You are confident and able to communicate why through the work you deliver you are a business enabler.
- Beneficial: You have kledge of GXP, CSV and pharmaceutical industry related regulations.
- You have strong verbal and written communication skills in English and beneficial German.
- You are resilient, self-reliant/self-motivated, proactive with high degree of accountability and you have excellent operating skills in a dynamic team environment.
- You are a strong communicator: presentation and training, relationship management, consultation, negotiation.
- You have a high level of personal integrity, ability to professionally handle confidential matters and convince by appropriate level of judgment and maturity.
- You can work in a matrix and geographically dispersed organization.
- If needed, you could travel around 30% of your working time (worldwide)
What we offer
We are close to 10,000 employees, we have six manufacturing sites, seven research and development centres, 150+ plasma collection centres and offices across the world. Being part of our IT organization, you will be working with our teams in different locations and able to:
- Develop and grow a professional career in an exciting, challenging and international environment.
- Be rewarded with an attractive salary and benefits package.
- You will have a high level of influence where you can make a difference and leave your footprint.
- Work with skilled and fun colleagues in a relatively informal organization.
We are a truly global, collaborative, and friendly group of people. Having a diverse, inclusive, and respectful workplace is important to us. We support your career development, internal mobility, and work-life balance. If this sounds interesting, apply .
Please apply online in English describing your interest, expected salary, and enclosing your CV, references and/or recommendation letters.