Director, IT Security Operations

Join our global diversified pharmaceutical company enriching lives through our relentless drive to deliver better health outcomes to our patients. We are all in it together to make a difference. Be a part of a culture that doesnt just wait for change but actively creates itwhere your skills and values drive our collective progress and impact.

The Director of IT Security Operations leads and continuously matures global security operations overseeing the enterprise Security Operations Center (SOC) incident response vulnerability management and security monitoring across on-prem cloud and artificial intelligence (AI)-enabled platforms through a blend of internal teams and Managed Service Providers (MSPs). Accountable for timely compliant detection and responsedriving disciplined operations measurable improvements and threat-informed defenses that reduce risk. Success is measured by metrics such as mean time to detect (MTTD) mean time to respond (MTTR) containment time vulnerability remediation SLA attainment false-positive rate and timely closure of audit findings.

This is a hybrid role based out of the Bridgewater NJ office (Tuesday Wednesday Thursday in office)

Key Responsibilities:

Security Operations & SOC Oversight

• Lead the 24x7x365 global SOC consisting of internal staff and MSPs including operating models staffing and service delivery.
• Set governance service-level agreements (SLAs) metrics and escalation paths for SOC services.
• Improve monitoring alerting and response across endpoints networks identity software as a service (SaaS) and cloud; ensure consistent execution from triage through post-incident review.
• Own security information and event management (SIEM) and detection engineering strategy including log onboarding correlation tuning and integration with incident response (IR) workflows.

Incident Response Leadership

• Function as the escalation lead for major security incidents e.g. intrusions ransomware malware data exposure Distributed Denial-of-Service (DDoS) insider risk and third-party events.
• Coordinate response with IT Legal Human Resources Privacy Compliance Communications and external partners.
• Own and mature the Incident Response Program (policies playbooks exercises) ensuring thorough documentation root-cause analysis and corrective actions tracked to closure.

Vulnerability Management

• Own the enterprise vulnerability management program (governance risk-based prioritization remediation tracking and reporting).
• Oversee vulnerability discovery across infrastructure endpoints applications cloud and third parties; partner with teams to drive timely remediation based on risk and exploitability.
• Provide executive visibility into risk posture trends and remediation effectiveness.

AI & Emerging Technology Security Operations

• Extend monitoring IR and vulnerability practices to AI-enabled platforms and services.
• Partner with Security Architecture AI Governance and Risk to ensure AI events (misuse data leakage model risks) are detectable and operationally manageable as capabilities evolve.

Governance Risk & Audit Support

• Support audit readiness regulatory compliance and incident reporting with Governance Risk and Compliance (GRC) Privacy Compliance and Internal Audit.
• Align operations to frameworks e.g. National Institute of Standards and Technology (NIST) ISO/IEC 27001/27002 (information security) and ISO/IEC 42001 (AI management system) Center for Internet Security (CIS) Controls and implement tools/standards driven by operational findings and emerging risk.

Leadership & Communication

• Build strong partnerships across IT Security and business stakeholders; deliver executive-ready reporting on incidents operational health and risk trends.
• Develop and mentor security operations leaders reinforcing accountability resilience and continuous learning.

Qualifications & Experience:

• 10 years in Information Technology with 5 years in security operations including leading teams and MSPs
• Bachelors degree in IT Computer Science Security required
• Strong grasp of the threat landscape incident investigation/root-cause analysis and executive communication
• Working knowledge of frameworks and regulations e.g. NIST ISO/IEC CIS Controls
• Experience operating in cloud SaaS and emerging technology environments including AI-enabled platforms
• Certifications e.g. Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Ethical Hacker (CEH) CompTIA Security strongly preferred

The range of starting base pay for this role is 105K-145K. Actual starting pay will be based on a wide range of factors including but not limited to relevant skills experience qualifications education and addition to base pay this position is eligible for participation in either (i) our annual bonus program or (ii) a sales incentive plan.

Benefits package includes comprehensive Medical (includes Prescription Drug) Dental Vision Flexible Spending Accounts 401(k) with matching company contribution 3-weeks paid time off plus paid sick time stock purchase plan tuition reimbursement parental leave short- and long-term disability life insurance accidental death & dismemberment insurance 12 paid holidays (including floating holidays) employee referral bonuses and employee discounts.

#LI-hybrid

We are an Equal Opportunity Employer. EOE Disability/Veteran. We are committed to building diverse teams representative of the patients and communities we serve and we strive to create an inclusive workplace that cultivates collaboration.