Security Operations Expert - Proactive Cyber Defense
Cambridge, MA

Job Description

Job Description

Novartis is actively seeking a Security Operations Expert, Proactive Cyber Defense to join our Security Operations team in Cambridge, MA.

The purpose of the Security Operations Cyber Expert - Proactive Defense is to defend Novartis and its patients by developing new protections based upon hunting activities and analysis of existing controls.

This includes performing analysis of indicators of compromise and security incidents, hunting for suspicious activities, evaluating existing rules and detections, coordinating with Threat Intelligence, Red Team, and Cyber tooling, and implementing or new controls, thereby protecting against loss of sensitive data, and/or reputational and financial harm to the company.

Your responsibilities:

* Deep investigation into non-standard incidents or those for which a higher level of rigor is required (malware analysis, network investigations, data privacy investigations, support for Forensics and Corporate investigations) or which may have regulatory and financial impact.
* Performs Threat hunting given external/internal threat intelligence to reduce risk of financial or reputational harm to Novartis

o Works with Cyber Security team to test and prove threat scenarios

o Looks for and tests new avenues of compromise or attacks that may circumvent existing controls

o Free-form scenario-based hunting within existing or new data repositories

* Develops new and revises existing rules, detections, and controls
* Evaluates and implements whitelisting and blacklisting of IOCs
* Analyzes and develops remediation for gaps in controls, tools, and attack techniques framework
* Improves security incident orchestration through automation, tooling, and tuning
* Given threat scenarios from previous incidents, develops solutions and implements new protections and detections
* Assesses risk to Novartis based upon incidents, trends, and hunting activities and recommends remediation actions
* Evaluates new technologies to improve security posture, and develops use cases and incident response models
* Participates in, or works directly on additional projects, assignments or initiatives as assigned

We are Novartis. Join us and help reimagine medicine.

Employment Type

Regular