Associate Director, Vulnerability Management and Cyber Fusion Governance Details

Bristol Myers Squibb - Princeton, NJ

Employment Type : Full-Time

At Bristol Myers Squibb, we are inspired by a single vision – transforming patients’ lives through science. In oncology, hematology, immunology and cardiovascular disease – and one of the most diverse and promising pipelines in the industry – each of our passionate colleagues contribute to innovations that drive meaningful change. We bring a human touch to every treatment we pioneer. Join us and make a difference.

The Associate Director of Vulnerability Management (VM) and Cyber Fusion Governance is dually responsible for the enterprise Vulnerability Program and serving as a central liaison within the Cyber Fusion Center (CFC) supporting a portfolio of activities. This includes providing oversight to the Build and Transformational set of initiatives, while serving as an enabler across all functions within the Cyber Fusion Center to drive greater operational efficiency. The role may include oversight for FTEs, service providers and contractors, while additionally managing a matrixed team of cross functional resources.

Position Responsibilities:

  • Serve as a key member of the BMS Cybersecurity Operations team, accountable for Vulnerability Management (VM) and Governance of cross-functional activities within the CFC
  • Build out an integrated VM program and operationalize reporting (including executive level reporting) to drive remediation
  • Manage service providers for established VM services
  • Provide direct and indirect management support to team members, including contractors and service provider resources
  • Establish relationships with IT platform teams and Interface with key stakeholders around open vulnerabilities and remediation guidance
  • Interface and support Attack Surface Reduction team
  • Manage CSIRTS as they relate to expedited patching and remediation requirements
  • Support incidents as necessary, including ability to step into an Incident Commander role
  • As Cyber Fusion Governance Lead, serve as liaison and drive cross-functional transformational projects within the Cyber Fusion Center (CFC)
  • Provide oversight to a centralized function within the CFC which supports metrics definition and reporting and awareness efforts
  • Liaison with peer Cybersecurity towers including Cyber Vigilance, Third-party risk, Cyber Risk, Cyber Architecture, IAM etc.
  • Provide portfolio and program management oversight to technical initiatives and engagements within the CFC
  • Support development of Executive briefs for a cross-functional group
  • Develop and maintain operational dashboards and drive efficiencies across CFC towers
  • Support Executive messaging as required
  • Provided extended support for broader Cyber Operations horizontal functions
  • Support audits and other key requests within Cyber Operations

Desired experience varies by role:

  • Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience
  • 5+ years of prior relevant experience (experience required commensurate with role)
  • Strong project management skills and executive messaging ability
  • Experience building and/or managing CFC functions or SOC teams
  • Experience defining and monitoring and reporting Cybersecurity metrics
  • Experience with contributing to Cybersecurity policies and Standard Operating Procedures
  • Expertise in managing VM programs and a solid understanding of any VM technology

Ideal Candidates Would Also Have:

  • Security certifications including CISSP, CISM, PMP are a plus.
  • Seasoned direct and matrix management skills, with a particular emphasis on energizing and developing talent.
  • Working knowledge of agile methodologies applied to SDLC and IT services.
  • Excellent project management, communication and collaboration skills

Around the world, we are passionate about making an impact on the lives of patients with serious diseases. Empowered to apply our individual talents and diverse perspectives in an inclusive culture, our shared values of passion, innovation, urgency, accountability, inclusion and integrity bring out the highest potential of each of our colleagues.

Bristol Myers Squibb recognizes the importance of balance and flexibility in our work environment. We offer a wide variety of competitive benefits, services and programs that provide our employees with the resources to pursue their goals, both at work and in their personal lives.

Posted on : 3 years ago