Boston Scientific Senior Cybersecurity Defense Manager 

United States, Massachusetts, Marlborough 

44147227

About the Role:

In this critical role, the individual will work alongside other Cybersecurity leaders to improve current processes and tools, ensuring our CSIRT remains adept at handling emerging threats. You'll oversee team operations, offer technical advice, participate in reviews, and provide feedback. During incidents, you'll lead the team to mitigate threats promptly and keep leadership apprised of developments. Collaboration with partners is key in improving detection and prevention controls within a cooperative, multi-functional setting. Leadership duties also include promoting an inclusive culture, recruiting and coaching talent from a diverse range of backgrounds and cultures, and nurturing an environment that encourages growth and teamwork.

Your responsibilities will include:

• Develop and implement a comprehensive cybersecurity incident response strategy aligned with organizational goals and industry best practices.
• Provide leadership and guidance in the development and implementation of incident response policies, procedures, and protocols.
• Collaborate with senior management to integrate incident response capabilities into the overall cybersecurity strategy and business continuity plans.
• Lead and manage a team of highly skilled cybersecurity professionals, providing mentorship, coaching, and professional development opportunities.
• Foster a culture of collaboration, innovation, and continuous improvement within the incident response team.
• Establish clear roles, responsibilities, and performance expectations for team members to ensure efficient and effective incident response operations.
• Oversee the detection, analysis, and response to cybersecurity incidents, including advanced threats and targeted attacks.
• Collaborate with other departments, including IT, legal, compliance, and risk management, to ensure alignment of incident response efforts with organizational objectives.
• Participate in cross-functional incident response and crisis management exercises to test response plans and enhance organizational preparedness.
• Establish metrics and key performance indicators (KPIs) to measure the effectiveness of incident response operations and drive continuous improvement efforts.
• Conduct post-incident reviews and analyses to identify lessons learned, root causes, and areas for improvement.
• Implement corrective actions and process enhancements to strengthen incident response capabilities and mitigate future risks.
• Develop and manage the annual budget for the cybersecurity incident response team, ensuring alignment with organizational goals and objectives.
• Allocate budget resources effectively to support incident response activities, including staffing, technology investments, and training initiatives.
• Evaluate and manage vendor relationships for cybersecurity products and services, negotiating contracts and service level agreements to optimize value and cost savings.
• Identify opportunities for cost optimization and efficiency improvements within the incident response program, leveraging automation, process improvements, and alternative sourcing strategies.
• Conduct financial analysis and scenario modeling to support decision-making and strategic planning related to cybersecurity incident response investments.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, or related field.
• 10+ years of experience in cybersecurity, with a focus on incident response and security operations.
• Proven leadership experience, with a track record of successfully managing and developing technical teams.
• Strategic thinking and analytical skills, with demonstrated ability to develop and execute cybersecurity incident response strategies.
• Demonstrated technical knowledge of cybersecurity principles, technologies, and methodologies, including malware analysis, network forensics, and endpoint security.
• In-depth knowledge of cybersecurity technologies, tools, and techniques, including SIEM, IDS/IPS, EDR/EPP, and threat intelligence platforms.
• Strong understanding of incident response frameworks and standards, such as NIST SP 800-61 and ISO/IEC 27035.
• Demonstrated cross-functional collaboration skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.

Preferred Qualifications & Competencies:

• Advanced degree in degree in Computer Science, Information Technology, or related field.
• Relevant industry certifications like CISSP, GIAC, or CISM.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.