Senior Cybersecurity Defense Manager

Additional Location(s):  N/A

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.                

About the Role:

Boston Scientific seeks an experienced Cybersecurity leader to direct our cyber defense initiatives. The candidate should have a solid technical foundation in the field, outstanding leadership capabilities and a history of managing teams effectively in cyber threat situations.

In this critical role, the individual will work alongside other Cybersecurity leaders to improve current processes and tools, ensuring our CSIRT remains adept at handling emerging threats. You'll oversee team operations, offer technical advice, participate in reviews, and provide feedback. During incidents, you'll lead the team to mitigate threats promptly and keep leadership apprised of developments. Collaboration with partners is key in improving detection and prevention controls within a cooperative, multi-functional setting. Leadership duties also include promoting an inclusive culture, recruiting and coaching talent from a diverse range of backgrounds and cultures, and nurturing an environment that encourages growth and teamwork.

This role offers hybrid working arrangement and requires approximately 3 days onsite at our Marlborough, MA, location. 

Your responsibilities will include:

• Develop and implement a comprehensive cybersecurity incident response strategy aligned with organizational goals and industry best practices.
• Provide leadership and guidance in the development and implementation of incident response policies, procedures, and protocols.
• Collaborate with senior management to integrate incident response capabilities into the overall cybersecurity strategy and business continuity plans.
• Lead and manage a team of highly skilled cybersecurity professionals, providing mentorship, coaching, and professional development opportunities.
• Foster a culture of collaboration, innovation, and continuous improvement within the incident response team.
• Establish clear roles, responsibilities, and performance expectations for team members to ensure efficient and effective incident response operations.
• Oversee the detection, analysis, and response to cybersecurity incidents, including advanced threats and targeted attacks.
• Collaborate with other departments, including IT, legal, compliance, and risk management, to ensure alignment of incident response efforts with organizational objectives.
• Participate in cross-functional incident response and crisis management exercises to test response plans and enhance organizational preparedness.
• Establish metrics and key performance indicators (KPIs) to measure the effectiveness of incident response operations and drive continuous improvement efforts.
• Conduct post-incident reviews and analyses to identify lessons learned, root causes, and areas for improvement.
• Implement corrective actions and process enhancements to strengthen incident response capabilities and mitigate future risks.
• Develop and manage the annual budget for the cybersecurity incident response team, ensuring alignment with organizational goals and objectives.
• Allocate budget resources effectively to support incident response activities, including staffing, technology investments, and training initiatives.
• Evaluate and manage vendor relationships for cybersecurity products and services, negotiating contracts and service level agreements to optimize value and cost savings.
• Identify opportunities for cost optimization and efficiency improvements within the incident response program, leveraging automation, process improvements, and alternative sourcing strategies.
• Conduct financial analysis and scenario modeling to support decision-making and strategic planning related to cybersecurity incident response investments.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, or related field.
• 10+ years of experience in cybersecurity, with a focus on incident response and security operations.
• Proven leadership experience, with a track record of successfully managing and developing technical teams.
• Strategic thinking and analytical skills, with demonstrated ability to develop and execute cybersecurity incident response strategies.
• Demonstrated technical knowledge of cybersecurity principles, technologies, and methodologies, including malware analysis, network forensics, and endpoint security.
• In-depth knowledge of cybersecurity technologies, tools, and techniques, including SIEM, IDS/IPS, EDR/EPP, and threat intelligence platforms.
• Strong understanding of incident response frameworks and standards, such as NIST SP 800-61 and ISO/IEC 27035.
• Demonstrated cross-functional collaboration skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.

Preferred Qualifications & Competencies:

• Advanced degree in degree in Computer Science, Information Technology, or related field.
• Relevant industry certifications like CISSP, GIAC, or CISM.

Requisition ID: 587589

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!

At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer.

Boston Scientific maintains a prohibited substance free workplace. Pursuant to Va. Code § 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status.  Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment.  Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements.   As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.