.. your spouse or domestic partner, and children from the start with our day-of-hire health insurance. Dental: Stay with your favorite dentist for everything from routine cleanings to orthodontia for your kids. Vision: Keep your vision 20/20 with our comprehensive coverage for exams, contacts, and eyeglasses .. read more
Why Endo?
We want the best and brightest people at Endo to help us achieve our mission to develop and deliver life-enhancing products through focused execution. Our nearly 3,000 global team members understand the important role we play in delivering healthcare and are dedicated to supporting each other as we work to bring the best treatments forward. Our shared values of Integrity & Quality, Innovation, Drive, Collaboration and Empathy guide our team and enable us to deliver upon our vision of helping everyone we serve live their best life.
At Endo, we are building a diverse, equitable and inclusive workplace, and we are looking for talented individuals to join our team.
Job Description Summary
As a member of Endo's IT department and under the supervision of the CISO, the Director, Security Engineering will oversee the development and implementation of strategic and tactical leadership for designing, operating, and optimizing the cybersecurity engineering function. This role within the Endo Information Security team will be a hands-on technical team member who will provide technical architecture and engineering for multiple business functions and domains. The successful candidate will play an integral role in ensuring our systems and data are protected against evolving cyber threats and compliance requirements and will have a security engineering mindset. They provide cybersecurity engineering advisory services for existing and proposed solutions with a flexible and dynamic approach to risk mitigation and problem-solving. Collaborating with peers, management, vendors and project managers, this role will successfully coordinate multiple projects and priorities in a dynamic environment.
Job Description
Key Accountabilities Conducting security testing Configuring security monitoring tools Evaluate security capabilities of technology tools across the entire Information Technology function. Advising stakeholders of security solution recommendations Providing security solution oversight & insight during the implementation of security solution recommendations As a leader, assess security configurations and interface with other key functions, including security operations, risk, audit, and compliance Plan, design, review, and implement security tools and processes to align with NIST CSF, HIPPA, PCI, and/or ISO27001 Plan/design/maintain endpoint deployments, configuration, and alerting Develop security and contingency plans. Conduct needed technical security assessments, audits, penetration testing, and forensic IT functions of client/server systems (native and virtual), databases, networks, and vehicle/appliance technology systems. Define, review, and implement information security policies, standards, and guidelines in compliance with federal and local laws including coordination with other parts of the organization Understand and handle incident response lifecycle and procedures, including identification, containment, eradication, recovery, and lessons learned Deploy, manage, and maintain SIEM tools to analyze and correlate security events across the enterprise Lead complex project work across multiple solutions, solution teams, or organizations Configure IDS systems, analyze firewall traffic and SIEM
Qualifications Bachelor's degree required or advanced degree preferred in a computing degree discipline. 3-5 years of prior management experience required. 8+ years of relevant work experience in architecture, design, and implementation within enterprise-level environments. Professional certifications preferred: CISSP, CCNP, CISM, CEH, ISSAP, TOGAF. Pharmaceutical industry experience strongly desired. Experience in architecting and securing cloud environments (AWS, Azure, or GCP) and virtualization technologies (e.g. VMWare, Docker, Kubernetes, etc.). Proven experience as a technical leader, leading, motivating, and developing a team of IT professionals. Experience with vendor management, including vendor contract negotiations, management of services, and directing/maximizing the use of 3rd party resources. Experience in ITIL, including change management principles and practices. Experience with GAP assessments, penetration testing and techniques, and patch management. Experience with modern security tools in the following areas:
Security Information and Event Management (SIEM) Managed Detection and Response (MDR) External Attack Surface Management (EASM) Tools Penetration Testing Tools Network Defense Tools Vulnerability Scanning Tools Encryption Tools: Network Security Monitoring Tools Intrusion Detection Systems (IDS)
Cloud Security Tools In-depth knowledge of cybersecurity frameworks and standards; NIST, ISO/IEC 27001, PCI-DSS, HIPAA, GDPR, FISMA Broad knowledge of network security practices, designs, methodologies, tools, and processes Comprehensive knowledge of network architectures, equipment, and designs Knowledge of vulnerability scanners and how to successfully implement and maintain an enterprise patching program Knowledge of IT security controls - firewalls, SIEM platforms, NAC, CASB, DLP, IPS/IDS, EDR, encryption, authentication, tokenization Working knowledge of the following technologies: Microsoft OS for Workstations/Servers, UNIX, firewall multi-layer design and implementation, WANs, LANs, internet, intranets, and network protocols (i.e., VPN, TLS, SSH, SFTP, TCP/IP, etc.), security assessment tools, vulnerability scanners, intrusion prevention systems, encryption, public key infrastructure (PKI), mobile device management In-depth knowledge of implementing Zero Trust, Software Defined Wide Area Networking, and Secure Services Edge Architectures for global organizations Familiarity with threat modeling, building risk models, and analyzing security weaknesses. Strong analytical and problem-solving skills with the ability to assess complex security issues and recommend effective solutions Excellent communication skills with the ability to convey technical concepts to non-technical stakeholders and senior leadership Experience with supporting collocated networks, Cloud Service Providers, AWS, Azure Google Cloud Platform, etc. is a plus. Strong critical analysis and problem-solving skills, including diagnosing, troubleshooting, and recommending solutions. Ability to manage multiple time-sensitive priorities without diminished effectiveness. Ability to determine & apply the root cause of security events. Understanding and knowledge of industry best practice methodologies Highly developed organizational and management skills
Commitment to Diversity, Equity, and Inclusion:
At Endo, our diversity unites and empowers us as One Team, and we are committed to cultivating, and valuing, each person's unique perspective. We actively promote a culture of inclusion that draws strength from our broad spectrums of diversity, including race, ethnicity, religion, gender identity or expression, national origin, color, sexual orientation, disability status, age, and all our other unique characteristics, qualifications, demonstrated skills, achievements, and contributions, backgrounds, experiences, cultures, styles, and talents.
EEO Statement:
At Endo, we firmly believe in the principles of equal employment opportunity and strive to create an atmosphere where all employees, regardless of their race, color, creed, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability (including pregnancy), age, or military or veteran status, feel valued, respected, and empowered. Our commitment to EEO extends to every aspect of employment, including recruitment, hiring, training, promotions, compensation, benefits, transfers, terminations, and all other employment practices. We are dedicated to ensuring that all employment decisions are based on qualifications, skills, and merit. #J-18808-Ljbffr
We want the best and brightest people at Endo to help us achieve our mission to develop and deliver life-enhancing products through focused execution. Our nearly 3,000 global team members understand the important role we play in delivering healthcare and are dedicated to supporting each other as we work to bring the best treatments forward. Our shared values of Integrity & Quality, Innovation, Drive, Collaboration and Empathy guide our team and enable us to deliver upon our vision of helping everyone we serve live their best life.
At Endo, we are building a diverse, equitable and inclusive workplace, and we are looking for talented individuals to join our team.
Job Description Summary
As a member of Endo's IT department and under the supervision of the CISO, the Director, Security Engineering will oversee the development and implementation of strategic and tactical leadership for designing, operating, and optimizing the cybersecurity engineering function. This role within the Endo Information Security team will be a hands-on technical team member who will provide technical architecture and engineering for multiple business functions and domains. The successful candidate will play an integral role in ensuring our systems and data are protected against evolving cyber threats and compliance requirements and will have a security engineering mindset. They provide cybersecurity engineering advisory services for existing and proposed solutions with a flexible and dynamic approach to risk mitigation and problem-solving. Collaborating with peers, management, vendors and project managers, this role will successfully coordinate multiple projects and priorities in a dynamic environment.
Job Description
Key Accountabilities Conducting security testing Configuring security monitoring tools Evaluate security capabilities of technology tools across the entire Information Technology function. Advising stakeholders of security solution recommendations Providing security solution oversight & insight during the implementation of security solution recommendations As a leader, assess security configurations and interface with other key functions, including security operations, risk, audit, and compliance Plan, design, review, and implement security tools and processes to align with NIST CSF, HIPPA, PCI, and/or ISO27001 Plan/design/maintain endpoint deployments, configuration, and alerting Develop security and contingency plans. Conduct needed technical security assessments, audits, penetration testing, and forensic IT functions of client/server systems (native and virtual), databases, networks, and vehicle/appliance technology systems. Define, review, and implement information security policies, standards, and guidelines in compliance with federal and local laws including coordination with other parts of the organization Understand and handle incident response lifecycle and procedures, including identification, containment, eradication, recovery, and lessons learned Deploy, manage, and maintain SIEM tools to analyze and correlate security events across the enterprise Lead complex project work across multiple solutions, solution teams, or organizations Configure IDS systems, analyze firewall traffic and SIEM
Qualifications Bachelor's degree required or advanced degree preferred in a computing degree discipline. 3-5 years of prior management experience required. 8+ years of relevant work experience in architecture, design, and implementation within enterprise-level environments. Professional certifications preferred: CISSP, CCNP, CISM, CEH, ISSAP, TOGAF. Pharmaceutical industry experience strongly desired. Experience in architecting and securing cloud environments (AWS, Azure, or GCP) and virtualization technologies (e.g. VMWare, Docker, Kubernetes, etc.). Proven experience as a technical leader, leading, motivating, and developing a team of IT professionals. Experience with vendor management, including vendor contract negotiations, management of services, and directing/maximizing the use of 3rd party resources. Experience in ITIL, including change management principles and practices. Experience with GAP assessments, penetration testing and techniques, and patch management. Experience with modern security tools in the following areas:
Security Information and Event Management (SIEM) Managed Detection and Response (MDR) External Attack Surface Management (EASM) Tools Penetration Testing Tools Network Defense Tools Vulnerability Scanning Tools Encryption Tools: Network Security Monitoring Tools Intrusion Detection Systems (IDS)
Cloud Security Tools In-depth knowledge of cybersecurity frameworks and standards; NIST, ISO/IEC 27001, PCI-DSS, HIPAA, GDPR, FISMA Broad knowledge of network security practices, designs, methodologies, tools, and processes Comprehensive knowledge of network architectures, equipment, and designs Knowledge of vulnerability scanners and how to successfully implement and maintain an enterprise patching program Knowledge of IT security controls - firewalls, SIEM platforms, NAC, CASB, DLP, IPS/IDS, EDR, encryption, authentication, tokenization Working knowledge of the following technologies: Microsoft OS for Workstations/Servers, UNIX, firewall multi-layer design and implementation, WANs, LANs, internet, intranets, and network protocols (i.e., VPN, TLS, SSH, SFTP, TCP/IP, etc.), security assessment tools, vulnerability scanners, intrusion prevention systems, encryption, public key infrastructure (PKI), mobile device management In-depth knowledge of implementing Zero Trust, Software Defined Wide Area Networking, and Secure Services Edge Architectures for global organizations Familiarity with threat modeling, building risk models, and analyzing security weaknesses. Strong analytical and problem-solving skills with the ability to assess complex security issues and recommend effective solutions Excellent communication skills with the ability to convey technical concepts to non-technical stakeholders and senior leadership Experience with supporting collocated networks, Cloud Service Providers, AWS, Azure Google Cloud Platform, etc. is a plus. Strong critical analysis and problem-solving skills, including diagnosing, troubleshooting, and recommending solutions. Ability to manage multiple time-sensitive priorities without diminished effectiveness. Ability to determine & apply the root cause of security events. Understanding and knowledge of industry best practice methodologies Highly developed organizational and management skills
Commitment to Diversity, Equity, and Inclusion:
At Endo, our diversity unites and empowers us as One Team, and we are committed to cultivating, and valuing, each person's unique perspective. We actively promote a culture of inclusion that draws strength from our broad spectrums of diversity, including race, ethnicity, religion, gender identity or expression, national origin, color, sexual orientation, disability status, age, and all our other unique characteristics, qualifications, demonstrated skills, achievements, and contributions, backgrounds, experiences, cultures, styles, and talents.
EEO Statement:
At Endo, we firmly believe in the principles of equal employment opportunity and strive to create an atmosphere where all employees, regardless of their race, color, creed, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability (including pregnancy), age, or military or veteran status, feel valued, respected, and empowered. Our commitment to EEO extends to every aspect of employment, including recruitment, hiring, training, promotions, compensation, benefits, transfers, terminations, and all other employment practices. We are dedicated to ensuring that all employment decisions are based on qualifications, skills, and merit. #J-18808-Ljbffr