Associate Director, Information Security Architecture & Engineering

Tarrytown

The Information Security Architecture and Engineering team is looking for an Associate Director, Information Security to support, contribute and influence the plan, maintenance, and design of Regeneron's security architecture and engineering program. You will align business requirements and security technologies to protect the network, cloud, application environment and computer endpoints (including mobile devices) from cyber threats, malware, and data loss.A typical day might include the following:Define and contribute to the Information Security Architecture & Engineering Roadmap.Define and influence ITES and InfoSec roadmap for security capabilities: anti-virus/anti-malware, advanced detection and response, forensics, data loss prevention, proxy, host-based firewall, and application whitelisting (System Integrity).Identify, influence and facilitate strategic Security solutions in alignment with business priorities.Define and support solutioning/integration efforts for application security and DEVSECOPS initiatives.Partner with Data Analytics, Research IT and Cloud services on prioritized initiatives to influence foundational security approach.Lead the technical assessments program in support of the Regeneron's Governance and Risk program. Provide security analysis and advisement.Develop and support Regeneron Security related Policies and Standards.Advise and support to the roadmap for network security capabilities to include; firewall, intrusion detection/prevention, web proxy, secure remote access, and cloud security.Support and lead Security efforts related to the execution of projects for network and endpoint security technologies.Develop business requirements, technical requirements, architecture diagrams, implementation guidance, and project management for security technology deployments.Lead Security advisory role in the SDE Review board to integrate security requirements as part of the IT project management lifecycle.Define, Lead and support Security efforts related to Regeneron's Data Loss Prevention Program.This role might be for you if you:Bring enthusiasm and innovative thinking.Have strong leadership skills and qualities which enable you to network, lead within the organization and influence.Be a great negotiator, communicator, assertive, resourceful, driven, self-starter, problem-solver, a "doer" and technologist.Have a good work ethic and are proactive in driving projects forward, troubleshooting challenges, and communicating results.Enjoy working in a highly collaborative environment with a diverse team of colleagues.Use outstanding communication skills to summarize and present data and concepts to a variety of audiences.To be considered for this role, you must have a Bachelor's degree as well as at least 7 years in information security engineering, or in IT with 5+ years in information security architecture and security engineering. Experience in security architecture design, network segmentation, cloud security and data protection. Fluent in core IT, cloud and networking topics, and current with cutting edge network security, remote access, and monitoring technologies. Knowledge of Security applicability to Identity Management, AI, ML and Application Security solutions. Experience with endpoint threat detection and response capabilities. Applied strategic consulting experience in all aspects of Information Security. Ability to evaluate and recommend product selections and make configuration decisions to improve product selection security value in the environment, while minimizing end-user impact. Experience working with security industry leading technologies in protecting the perimeter, securing cloud technologies, filtering malicious content, hunting advanced threats, and protecting users and their endpoint from malicious activity. Experience in Security assessment process and technical security risk management. Expertise in basics of IT services; endpoint, server, cloud and storage. • Experience with technologies in most the following: Firewalls, IDS, IPS, proxy, cloud access and encryption, DMZ architecture, SIEM, logging, anti-virus/anti-malware, endpoint detection and response, host-based firewall, application whitelisting, file integrity monitoring, and DLP. Candidate should have a solid knowledge of NIST 800-53, Cybersecurity Framework, CIS Standards and MITRE ATT Framework..Experience in a GxP or another regulated environment, preferred.Position requires CISSP, CISM, CHE or equivalent, relevant certification from a recognized body (e.g., SANS, ISC2, ISACA). If absent, certification must be attained no later than after one year of start date.#LI-EG2Does this sound like you? Apply now to take your first steps toward living the Regeneron Way! We have an inclusive and diverse culture that provides amazing benefits including health and wellness programs, fitness centers and stock for employees at all levels!Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, nationality, national or ethnic origin, civil status, age, citizenship status, membership of the Traveler community, sexual orientation, disability, genetic information, familial status, marital or registered civil partnership status, pregnancy or maternity status, gender identity, gender reassignment, military or veteran status, or any other protected characteristic in accordance with applicable laws and regulations. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application process. Please contact us to discuss any accommodations you think you may need.Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by law.

Apply