Company Information Legend Biotech is a global biotechnology company dedicated to treating, and one day curing, life-threatening diseases. Headquartered in Somerset, New Jersey, we are developing advanced cell therapies across a diverse array of technology platforms, including autologous and allogenic chimeric antigen receptor T-cell and natural killer (NK) cell-based immunotherapy. Legend Biotech entered into a global collaboration agreement with Janssen, one of the pharmaceutical companies of Johnson & Johnson, to jointly develop and commercialize ciltacabtagene autolecuel (cilta-cel) in 2017. Our strategic partnership is designed to combine the strengths and expertise of both companies to advance the promise of an immunotherapy in the treatment of multiple myeloma. Legend Biotech is seeking a Global Manager, Network Security Operations as part of the IT team based in Somerset, NJ. Role Overview Legend is looking for a Global Manager, Network Security Operations to join our Cybersecurity Team. The Security Engineer will report directly to the Information Security Officer to execute Legend's Cybersecurity strategy. He / She will collaborate closely and frequently interact with the Information Security Officer, various IT Teams and other Business Units to continuously improve the Company's security posture. The ideal candidate is familiar with information security industry best practices, modern automation and security tools and cloud environments. We are looking for someone with a security mindset who "thinks like an attacker". Key Responsibilities * Hands on experience with establishing and manage a SOC * Identifying, investigating and responding to information security alerts from Network perimeter systems. * Administer the indicators and metrics that will assess in maintaining the effectiveness of security processes and controls. * Document network security incidents root cause reports, with evidence, remediation measures, and hands-on recommendations for management * Collaborate with Third Party Risk Management team to perform security risk assessment of proposed and existing system architecture for compliance with security best practices, recommending technical, administrative, and physical controls to mitigate identified risks * Ability to advise on maintenance of firewalls rules, IPS/IDS and site-to-site VPN connectivity to partner/vendor sites * Review and assess firewall rules on a periodic basis * Policy Definition. Establish policies that enforce least privilege access, continuous authentication, and micro-segmentation across the network. * Monitoring and Enforcement, implementing monitoring tools to continuously assess access requests and behaviors against established policies, with automated enforcement mechanisms. * Develop service security and compliance requirements for cloud multi-tenant systems. * Audit and Compliance: Conducting regular audits and ensuring compliance with regulatory requirements and organizational policies. * Establish and manage vulnerability management program and execution of the program * Provide advice on vulnerabilities and potential vulnerabilities within the cloud security network and on-premises architecture. Perform network security architecture design reviews and provide updates if required * Ability to acquire best in class and thoroughly vet security vendors and managed service solutions * Understand regulatory compliance based on selected industry frameworks and compliance standards (i.e NIST, ISO, CobiT, CIS, SOX etc.) * Implement, maintain and improve existing industry best practices of operational security controls such as: * Monitoring * Identity and access management * Encryption and data security * Self-auditing * Provide guidance to Business Units on defining and prioritizing implementation of secure SaaS offerings * Assist in preparing and delivering training and security awareness activities to the IT teams and Companywide to build a security culture * Acquire relevant knowledge, remain up to date, attend security conferences and be involved with the security community * Drive and lead security processes, tools, methods, and knowledge and security enhancements Requirements * 8+ years of experience with network and software security (security researcher, security engineer, cloud security architect). * Bachelor's degree in computer science or related field, or additional 8+ years of experience * Technical Experience in: * Infrastructure security, security SDLC and secure SaaS practices * Risk assessment and management, and threat modeling * Network Security reviews for code/design/architecture and requirements * Security compliance and frameworks such as NIST, ISO, CIS or CSA CCM * Hardening procedures * Cloud Network administration and security * Identity management and authentication systems and protocols (Active Directory, LDAP, SAML, RADIUS) * Strong hands-on experience in: * SOC, SIEM/SOAR and various security tools * Knowledge of Cloud Network architecture and security configurations (AWS, Azure) * Ability to lead and train global junior resources * Think like an attacker * Excellent communication and written skills * Strong attention to detail * Strong hands-on technical abilities * Strong computer literacy and/or the comfort, ability and desire to advance technically * Strong understanding of Information Security in various environments * Demonstrated ability to assume sole and independent responsibilities * Ability to keep track of numerous detail-intensive, interdependent tasks and ensure accurate completion * Experience in operating within a Global multinational organization Additional Preferences * Hands-on experience with Azure, AWS security best practices and Azure, AWS services * Security + * Security standards and practices (CSA, OWASP, SANS, etc.) * Security of relational databases (MySQL, MS SQL Server, Oracle) * Security management certificates (CISSP, CSSP, CISM, etc.) * SOX, GDPR, PCI-DSS knowledge #Li-JK2 #Li-Remote Legend Biotech is a proud equal opportunity/affirmative action employer committed to attracting, retaining, and maximizing the performance of a diverse and inclusive workforce. It is Legend's policy to ensure equal employment opportunity without discrimination or harassment based on race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law. Legend Biotech maintains a drug-free workplace.