Emergent BioSolutions (NYSE: EBS), headquartered in Gaithersburg, Maryland, is a global life sciences company that provides a diverse portfolio of specialty products and services that address public health threats. The company develops, manufactures, and commercializes medical countermeasures (MCM) against chemical and biological (CBRN) threats, as well as explosive-related threats and existing and emerging infectious diseases (EID). In 2018, the company diversified the scope of its public health threat mandate significantly by acquiring Adapt Pharma, the maker of NARCAN® Nasal Spray for opioid overdose reversal, and PaxVax, the maker of Vivotif® and Vaxchora®, which are marketed travelers' vaccines for typhoid and cholera, as well as a number of R&D programs at various stages of development.
Emergent BioSolutions continues to drive innovation and achieve significant growth year over year, growing from a company with only one product and less than $300M in revenue in 2012 to a broader base with 10 products that are now marketed or procured globally. The company is on target to exceed $1B in revenue for 2019, one year ahead of plan, while advancing the founding mission to protect and enhance life. The company operates through four business units:
* CONTRACT DEVELOPMENT & MANUFACTURING
* JOB SUMMARY
The Lead Cyber Security Operations Analyst works both independently and collaboratively with the EBSI Managed Security Service Provider, Incident Response Team, Information Security Engineers, IT systems engineers, and software engineers. The primary responsibility of this individual will be to operate as the tier three security operations analyst, subject matter expert, e-discovery/digital forensics and cyber threat intelligence fusion cell on the cybersecurity operations team.
* ESSENTIAL FUNCTIONS
Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions.
* Lead cyber security operations analysts are the highest technical escalation point of a cyber incident, investigating and determining, based on analysis, whether an Incident is to be declared and is board reportable.
* Manage internal/external interactions and communications with stakeholders in a professional manner, referring problems to and communicating with the appropriate department manager/director.
* Follow legal evidentiary chain of custody during compromise investigations by documenting and communicating findings in the system of record for case management solution and after-action reporting
* Perform and validate network and host level digital forensic investigations to determine root cause of the compromise, intrusion, or breach
* Develop and implement cyber security playbooks and process flows in line with industry best practices and standards
* Develop, implement, and document signatures and behavioral detection/prevention strategies that keep pace with emerging cyber threats
* Identify, drive, track, and document compromise remediation efforts
* Declare EBSI official Incidents and be the transition point to the Incident Response team
* Process cyber threat intelligence in accordance with the "intelligence cycle": direction, collection, processing, analysis, dissemination, and feedback from open source, paid subscriptions, and government sources.
The above statements are intended to describe the nature of work performed by those in this job and are not an exhaustive list of all duties. Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time, which reflects management's assignment of essential functions.
III. MINIMUM EDUCATION, EXPERIENCE, SKILLS
* 3+ years of relevant commercial security operations experience or equivalent USCYBERCOM National Defense Team, MSSP, CERT, CNDSP work experience
* Must have at least one of the following cyber security technical certifications: SEC+/GSEC/CCSP/CYSA+, in addition to one of the following: GCIH/GCFA/GNFA/GREM
* Familiarity with Linux, Windows, and cyber forensic evidence concepts
* Knowledge of malware families and network attack vectors.
* Knowledge about exploits, vulnerabilities, and cyber attacks
* Familiarity with performing host and network level analysis to determine if compromise occurred.
* Familiarity with the Lockheed Cyber Kill Chain and MITRE ATT&CK frameworks
* Must have the ability to attain at least a Secret US government clearance
* Possess planning, interpersonal, and motivational skills, able to write clearly and succinctly in technical and non-technical formats.
* Ability to speak both extemporaneously and in formal business settings.
* Have the ability to apply logic and reason to solve complex problems.
* Ability to establish and maintain multi-functional and positive working relationships.
* Advanced computer skills and proficiency.
* Strong interpersonal and networking skills with a solid ability to work in a team environment.
* Ability to work under stressful and tight deadlines as well as the ability to lead in a fast-paced environment.
* Above average computer hardware and software knowledge.
* Ability to multi-task and discern patterns in detail.
* Think through problems for logical solutions and remain calm and professional under stress.
* Strong decision-making ability during both crisis and non-crisis situations.
* Able to work with highly confidential information.
* PHYSICAL/MENTAL DEMANDS AND WORK ENVIRONMENT CHARACTERISTICS
The physical/mental demands are representative of those that must be met by an individual to successfully perform the essential functions of the job.
The work environment characteristics described here are representative of those an individual would encounter while performing the essential functions of the job.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Physical/Mental Demands and Work Environment Characteristics:
☒ Ability to organize/coordinate ☒ Comprehend and follow instructions
☒ Direct, control and plan ☒ Independently make quick decisions to solve complex issues
☒ Problem Solve ☒ Analyze/Interpret data and information
☒ Perform with frequent interruptions ☒ Make decisions using sound judgment
☐ Supervise/Manage others
☐ Good eye/hand coordination ☐ Visual Acuity
☒ Use keyboard/computer/phone ☐ Detect/Distinguish smell
☐ Detect/Distinguish hearing ☐ Maintain stationary position
☐ Position self to move ☐ Move/Traverse
☐ Ascend/Descend (climb) ☐ Reaching
☐ Calibrate precise ☐ Ability to safely operate hand tools
☐ Move/Transport [X] lb. ☐ Repetitive movement activities
☒ Regular and predictable attendance
☐ Work around extreme temperatures - cold or hot
☐ Work around noise above conversation level
☒ Work in restricted access to laboratory area
☐ Exposure to dust/gas/fumes/steam/chemicals
☐ Work with Select Agents as defined by the CDC
☐ Work irregular hours that often include nights and weekends
☐ Work in multiple locations
20% travel; international included