PURPOSE AND SCOPE:
The Director of Cybersecurity Defense Center will lead the Global Security Operations Center (GSOC), reporting to the Head of Cybersecurity Operations Center at Fresenius Medical Care. This role is responsible for overseeing the day-to-day operations of the GSOC and enhancing the organization’s capabilities to defend against cyber threats. This leader will play a critical role in safeguarding the organization's cybersecurity posture while driving continuous improvements across cybersecurity capabilities.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Manage the day-to-day operations of the Global Security Operations Center, providing enhanced cybersecurity services to multiple Business Units. This should include monitoring, incident response, advanced threat analytics, and policy enforcement.
Identify key program-level metrics, e.g. key performance indicators (KPI) and key risk indicators (KRI), to measure the effectiveness of the security operations center program and measure the risk inherited by the organization.
Provide regular reports on security metrics, incident analysis, and improvement plans to executive management.
Partner with other stakeholders across the organization to effectively monitor policy enforcement with technology integration opportunities.
Work with third parties and internal resources to perform effective pen testing across the enterprise.
Lead incident response for the Information Technology aspect when escalation occurs.
Lead the team with clear deliverables, goals/objectives, appraisals, feedback, coaching, planning and measurement.
Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
Lead the mitigation strategies for identified vulnerabilities across product lines.
Manage the tactical execution of short- and long-term objectives through the coordination of activities with a direct responsibility for results, including costs, methods, and staffing.
Support the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions.
Understand and stay current on best practices and guidance on achieving security.
Understand and ensure compliance with current and applicable US (United States) laws and regulations that affect medical device cybersecurity.
Lead efforts with the development of the policies and procedures on how to handle new security situations.
Support the cybersecurity incident response strategies of our Care Delivery and Care Enablement operating verticals.
Lead and/or assist with various projects assigned by direct supervisor. Perform other duties as assigned.
PHYSICAL DEMANDS AND WORKING CONDITIONS:
The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
SUPERVISION:
Responsible for the direct supervision of various levels of Global Cybersecurity staff.
EDUCATION:
Bachelor's degree in Management Information Systems, Computer Science, or business/science related field required.
EXPERIENCE AND REQUIRED SKILLS:
15+ years of experience working in Security Operations and/or other Cybersecurity domains.
Direct people management experience is a must.
Basic understanding of computer security concepts including Identity & Access Management, Network Security, Application Security.
Ability to operate as a proactive and results-driven problem solver with excellent analytical and interpersonal skills.
Ability to understand IT (Information Technology) processes, management objectives, risk appetite and tolerances, the impact of objectives, and the impact of changes to risk profiles.
Strong client services orientation and communication skills coupled with a high sense of urgency to keep appropriate partners informed, including solutions to overcome obstacles to deliver to expectation.
Strong understanding of risk management, integration with enterprise risk management and business strategy.
Relevant certifications such as CompTIA Security+, CISSP, or Certified Ethical Hacker are preferred.
Experience in IT governance, risk, and controls, including governance frameworks.
Demonstrated technical writing, communication, and presentation skills.
Proven record of delivering results.
EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity
Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws.
EOE, disability/veterans