Director Defensive Security Research

Nov 22, 2021

Job Description

15 Petabyte of data hosted, 49 countries supported, 15,000 servers and thousands of devices to connect locations and businesses. Information is clearly one of Novartis’ most valuable assets. In ISRM (Information Security and Risk Management), we implement and maintain solutions that secure the Novartis environment, protect our data and provide the necessary control framework to enable compliance with the various regulations associated with the healthcare industry.

Novartis Israel is looking for a Defensive Cyber Security Manager to lead a team of professional defensive researchers.

Your key responsibilities:

Your responsibilities will include, but are not limited to:

• People management - Overall responsibility for the professional and personal development of the defensive security research team members
• Define and prioritize malicious TTPs posing the highest risk to the company based on existing threat intelligence
• Develop logics and tools to detect the prioritized TTPs
• Cooperate with the cyber security operations center (CSOC) to implement the logics and tools developed by the team in the existing monitoring and incident response processes
• Drive the mitigation of broad IT security risks across security domains and functions that were detected as part of the team’s continual threat hunting activities
• Utilize big data sets to perform hunting missions based on the above mentioned prioritized TTPs
• Work with key stakeholders responsible for the Company’s IP to assess specific threats to their operations and design mitigation strategies
• Design a wide variety of security tools and use cases, across multiple environments to help identify, mitigate insider threats, and support the enterprise’s cyber security operations center (CSOC) to investigate them.
• Security tools assessment – Contribute to the overall effort to review and assess the effectiveness of the company’s existing and future security tools/ solutions stack

Diversity & Inclusion / EEO

Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Minimum Requirements

What you’ll bring to the role:

• 7+ years of experience in Incident Response / CERT team or experience with malware investigations
• Critical understanding of the cyber attacker kills chain elements, with particular emphasis on attack objectives
• Advanced understanding of cyber threat vectors and countermeasures
• Familiarity with the current nation-state (“APT”) threat landscape and the various actors and groups
• Software development experience/ proficiency with scripting languages such as Python/ Perl/ Ruby
• In depth knowledge with analyzing disassembly of x86 and x64 binaries
• Expert in dynamic and static analysis and tools such as IDAPro and Ollydbg
• Skilled in performing kernel-mode debugging on rootkit malware
• Capability to identify and defeat malware defense mechanism such as anti-reverse, anti-debug, and anti-virtual machine

Why consider Novartis?
799 million. That’s how many lives our products touched in 2019. And while we’re proud of that fact, in this world of digital and technological transformation, we must also ask ourselves this: how can we continue to improve and extend even more people’s lives?

We believe the answers are found when curious, courageous and collaborative people like you are brought together in an inspiring environment. Where you’re given opportunities to explore the power of digital and data. Where you’re empowered to risk failure by taking smart risks, and where you’re surrounded by people who share your determination to tackle the world’s toughest medical challenges.

Imagine what you could do at Novartis!

Commitment to Diversity & Inclusion:
Novartis embraces diversity, equal opportunity and inclusion. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates bold innovation through collaboration, and empowers our people to unleash their full potential.

Novartis are an equal opportunities employer and welcome applications from all suitably qualified persons.

Join our Novartis Network: If this role is not suitable to your experience or career goals but you wish to stay connected to learn more about Novartis and our career opportunities, join the Novartis Network here:
Tel Aviv
Information Technology
Full Time
careers default image

Director Defensive Security Research

Apply to Job Access Job Account