Manager, Application Security & Solution Demand Engineering

BD (Becton, Dickinson And Company) Franklin Lakes , NJ 07417

Posted 2 weeks ago

Job Description: SummaryReporting to the Director, Architecture & Engineering this incumbent has broad management responsibility for developing and implementing a comprehensive enterprise cyber security engineering program that includes the oversight and execution of the application security and process engineering discipline. This incumbent is responsible for oversight of the Security Systems Lifecycle Management process including identification of inefficiencies and vulnerabilities within IT management processes consistent with Architecture & Engineering goals, industry standards, and technology resources. The ideal candidate possesses a unique blend of project management and technical skill. The candidate will lead and drive key security workflow automation and remediation management efforts. They will partner with supporting resources to meet key strategic objectives, produce various required deliverables and support all required planning efforts while working to evolve an effective, comprehensive process. The role collaborates with peer GIS groups, Mobility teams, end user computing group, internal business partners, and third parties to align resource assignments with incoming project demand and ongoing operations. Responsible for the development and alignment of the mobile and endpoint security technology roadmap in accordance with strategic GIS goals. Remote/Virtual location is possible.

Job Description

Responsibilities

  • Responsible for development, oversight of implementation and ongoing operation of Security Systems Lifecycle Management

  • Mentor, coach, develop and support team members of the Application Security Engineering group.

  • Develop strategy for a global, scalable, and optimal set of security solutions to support Security Systems Lifecycle Management

  • Partner with key technical teams and stakeholders to organize and facilitate security workflow and process automation alignment discussions

  • Serves as a resource to requestors of IT demand and project leaders to educate and assist them with implementing and complying with security requirements and workflow processes

  • Create, update, manage and distribute updated security requirements, workflows, roadmaps and their respective detail through various tracking and reporting means.

  • Oversee the regular review of current security processes, design and configuration to ensure those adhere to industry best practices, security standards and foster continuous improvement

  • Establishes and maintains process governance for security standards across the various engineering-related organizations

  • Proactively plans, coordinates and leads detailed training sessions with other security associates and stakeholders to educate on process changes, new tools/systems etc.

  • Guide team members in the use of monitoring and troubleshooting tools to evaluate and resolve complex issues across a wide variety of network and infrastructure security solutions.

  • Deliver services that meet BD security and project quality specifications

  • Ability to take initiative to communicate, interact, and collaborate with others to ensure that all aspects of a task are addressed

Qualifications

  • A strong understanding of information and cyber security principles and best practices

  • Strong understanding of the security requirements lifecycle process and software development lifecycle (SDLC)

  • Proven experience and understanding of security analytics

  • Proven expertise in developing and implementing processes, process integration and process changes

  • Ability to develop and nurture strategic relationships with key stakeholders throughout the organizations.

  • Ability to pick up new products and platforms quickly, transferring skills and best practices when needed

  • Flexibility, ability to plan and organize, responsiveness, creativity, self-starter

  • Able to build solid working relationships with peers and senior leadership

  • Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organization

  • Experience with the oversight and building working relationships with Managed Security Services providers, as well as other integrated vendors and third parties included in operations.

  • Proven experience in leading, organizing, prioritizing and communicating tasks for security engineers.

  • Excellent security engineering aptitude and the ability to provide technical mentorship and guidance

  • Strong interpersonal skills with the ability to effectively present information and develop others.

  • Minimum of 5 years of technical writing and report generation

  • Minimum of 7 years of managing teams and third-party resources

  • Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, IT General Controls, etc.)

  • Minimum 2 Years Conceptual knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA, FISMA

  • Bachelor's Degree

Preferred

  • Knowledge of project management processes (PMI, PRINCE2)

  • Certified Application Security Engineer (CASE) certification

  • Industry recognized certification in security (e.g., CISSP, CCSK,CISA, CISM, CEH, etc.)

  • Experience in IT Security Testing (e.g., penetration testing, web application security assessments, vulnerability assessments and technical security assessments

  • Knowledge of security frameworks (ISO, NIST, COBIT)

  • Experience with implementing Security Systems Lifecycle Management processes into overall IT Management Processes

  • Experience with security system life cycle management solutions for applications, network and infrastructure

#LI-TECH

Primary Work LocationUSA NJ - Franklin Lakes

Additional LocationsUSA CA - San Diego (BDB), USA CA - San Jose, USA MD - Baltimore, USA NC - Research Triangle Park, USA TX - San Antonio, USA UT - Salt Lake City

Work Shift


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Manager Cloud Security Engineering

BD (Becton, Dickinson And Company)

Posted 2 weeks ago

VIEW JOBS 3/7/2019 12:00:00 AM 2019-06-05T00:00 Job Description SummaryBD has adopted a "services" first approach in engaging technical solutions to address business challenges. Primarily, those services are offered by cloud service providers. The key concern with provisioning cloud services is data protection while data is at rest or in transit. Cloud service providers are susceptible to the same threats that corporations face daily. GIS understands this challenge and will take a proactive stance in creating a discipline to develop a strategic, operational and industry-recommended best practices approach. This role will focus on defining cloud architecture, cloud data security and control standards, service models, deployment models and overall cloud service management. This role would also play a pivotal role in establishing a Center of Excellence for any business or function with a requirement for consuming cloud services. Remote/Virtual location possible. Job Description Reporting to the Director, Architecture & Engineering and collaborating with other team members, this individual will be responsible for coordinating the definition of cloud security strategy, architecture, implementation and operations. This challenging position requires in-depth knowledge of cloud security architecture, design and standards, cross-functional knowledge of business processes, information security risks, internal controls and understanding of technology. He/she brings unique knowledge and experience related to cloud security best practices and evidence of successful implementations. * Support the delivery of BD's security offerings related to cloud security, including security governance (security policies and procedures), security strategy (security planning), risk (risk assessments and management), cloud data protection (classification, encryption, tokenization), cloud-based identity and access management, technology/provider-specific cloud architecture and monitoring/analytics for and in the cloud * Define security controls relevant to compliance with legal, best-practice, and regulatory requirements for cloud environments * Lead the growth, development and support of junior cloud security staff in a team-oriented environment * Understand business engagements, requirements and enablement opportunities as it relates to specific use cases * Collaborate with GIS architecture & engineering staff and IT enterprise architecture staff in defining optimal cloud strategy, architecture and operations * Ability to translate technical cloud security requirements into business terms for leadership and stakeholders * Conduct cloud security strategy, readiness and discovery assessments; be familiar with cloud security frameworks, compliance requirements and security operations * Deliver services that meet BD security and project quality specifications * Ability to take initiative to communicate, interact, and collaborate with others to ensure that all aspects of a task are addressed Minimum Qualifications: * Minimum of 2 years of server, application and network security hardening experience (e.g., design, recommend and implement security hardening technical controls) * Minimum of 5 years managing projects using a standardized set of project management principles and solutions * Minimum of 5 years of technical writing and report generation * Minimum of 7 years of managing teams and third-party resources * Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, IT General Controls, etc.) * Minimum 2 Years Conceptual knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA, FISMA * Bachelor's Degree Preferred Qualifications: * Experience working SecaaS, Cloud Security or Third Party / Cloud Security Assessments * Certified Cloud Security Professional (CCSP) certification * Industry recognized certification in security (e.g., CISSP, CCSK,CISA, CISM, CEH, etc.) * Experience in IT Security Testing (e.g., penetration testing, web application security assessments, vulnerability assessments and technical security assessments * Experience in Identity and Access Management * Experience in Network and Infrastructure Security (virtualized environments) * Experience with Cloud Security vendors in the IAM, Data Protection, Monitoring, SaaS, IaaS, PaaS provider specific space * Experience with Linux, Mac and Windows operating systems * Experience with security system life cycle management solutions for applications, network and infrastructure #LI-TECH Primary Work LocationUSA NJ - Franklin Lakes Additional LocationsUSA CA - San Diego (BDB), USA CA - San Jose, USA MD - Baltimore, USA NC - Research Triangle Park, USA TX - San Antonio, USA UT - Salt Lake City Work Shift BD (Becton, Dickinson And Company) Franklin Lakes NJ

Manager, Application Security & Solution Demand Engineering

BD (Becton, Dickinson And Company)