Global Manager, Network Security Operations

Company InformationLegend Biotech is a global biotechnology company dedicated to treating, and one day curing, life-threatening diseases. Headquartered in Somerset, New Jersey, we are developing advanced cell therapies across a diverse array of technology platforms, including autologous and allogenic chimeric antigen receptor T-cell and natural killer (NK) cell-based immunotherapy.Legend Biotech entered into a global collaboration agreement with Janssen, one of the pharmaceutical companies of Johnson & Johnson, to jointly develop and commercialize ciltacabtagene autolecuel (cilta-cel) in 2017. Our strategic partnership is designed to combine the strengths and expertise of both companies to advance the promise of an immunotherapy in the treatment of multiple myeloma.Legend Biotech is seeking a Global Manager, Network Security Operations as part of the IT team based in Somerset, NJ.Role OverviewLegend is looking for a Global Manager, Network Security Operations to join our Cybersecurity Team. The Security Engineer will report directly to the Information Security Officer to execute Legend’s Cybersecurity strategy. He / She will collaborate closely and frequently interact with the Information Security Officer, various IT Teams and other Business Units to continuously improve the Company’s security posture. The ideal candidate is familiar with information security industry best practices, modern automation and security tools and cloud environments. We are looking for someone with a security mindset who "thinks like an attacker".Key Responsibilities Hands on experience with establishing and manage a SOCIdentifying, investigating and responding to information security alerts from Network perimeter systems.Administer the indicators and metrics that will assess in maintaining the effectiveness of security processes and controls.Document network security incidents root cause reports, with evidence, remediation measures, and hands-on recommendations for managementCollaborate with Third Party Risk Management team to perform security risk assessment of proposed and existing system architecture for compliance with security best practices, recommending technical, administrative, and physical controls to mitigate identified risksAbility to advise on maintenance of firewalls rules, IPS/IDS and site-to-site VPN connectivity to partner/vendor sitesReview and assess firewall rules on a periodic basisPolicy Definition. Establish policies that enforce least privilege access, continuous authentication, and micro-segmentation across the network.Monitoring and Enforcement, implementing monitoring tools to continuously assess access requests and behaviors against established policies, with automated enforcement mechanisms.Develop service security and compliance requirements for cloud multi-tenant systems.Audit and Compliance: Conducting regular audits and ensuring compliance with regulatory requirements and organizational policies.Establish and manage vulnerability management program and execution of the programProvide advice on vulnerabilities and potential vulnerabilities within the cloud security network and on-premises architecture. Perform network security architecture design reviews and provide updates if requiredAbility to acquire best in class and thoroughly vet security vendors and managed service solutionsUnderstand regulatory compliance based on selected industry frameworks and compliance standards (i.e NIST, ISO, CobiT, CIS, SOX etc.)Implement, maintain and improve existing industry best practices of operational security controls such as:MonitoringIdentity and access managementEncryption and data securitySelf-auditingProvide guidance to Business Units on defining and prioritizing implementation of secure SaaS offeringsAssist in preparing and delivering training and security awareness activities to the IT teams and Companywide to build a security cultureAcquire relevant knowledge, remain up to date, attend security conferences and be involved with the security communityDrive and lead security processes, tools, methods, and knowledge and security enhancementsRequirements 8+ years of experience with network and software security (security researcher, security engineer, cloud security architect).Bachelor’s degree in computer science or related field, or additional 8+ years of experienceTechnical Experience in:Infrastructure security, security SDLC and secure SaaS practicesRisk assessment and management, and threat modelingNetwork Security reviews for code/design/architecture and requirementsSecurity compliance and frameworks such as NIST, ISO, CIS or CSA CCMHardening proceduresCloud Network administration and securityIdentity management and authentication systems and protocols (Active Directory, LDAP, SAML, RADIUS)Strong hands-on experience in:SOC, SIEM/SOAR and various security toolsKnowledge of Cloud Network architecture and security configurations (AWS, Azure)Ability to lead and train global junior resourcesThink like an attackerExcellent communication and written skillsStrong attention to detailStrong hands-on technical abilitiesStrong computer literacy and/or the comfort, ability and desire to advance technicallyStrong understanding of Information Security in various environmentsDemonstrated ability to assume sole and independent responsibilitiesAbility to keep track of numerous detail-intensive, interdependent tasks and ensure accurate completionExperience in operating within a Global multinational organizationAdditional PreferencesHands-on experience with Azure, AWS security best practices and Azure, AWS servicesSecurity +Security standards and practices (CSA, OWASP, SANS, etc.)Security of relational databases (MySQL, MS SQL Server, Oracle)Security management certificates (CISSP, CSSP, CISM, etc.)SOX, GDPR, PCI-DSS knowledgeLegend Biotech is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is Legend’s policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.Legend Biotech maintains a drug-free workplace. Benefits: Health Insurance Dental Insurance Vision Insurance Life Insurance Matched 401K Flexible Spending Account Health Savings Account AD&D Insurance Short-Term Disability Long-Term Disability Paid Maternity Leave Paid Paternity Leave Pet Insurance Critical Illness Insurance Hospital Indemnity Insurance Accident Insurance Legal Insurance Commuter Benefits Employee Assistance Program