Manager, Cybersecurity Operations

at  Analog Devices

Analog Devices, Inc. (NASDAQ: ADI) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $12 billion in FY22 and approximately 25,000 people globally working alongside 125,000 global customers, ADI ensures today’s innovators stay Ahead of What’s Possible.
Position Summary
The manager in this role will report to the leader of the Cyber Defense Discipline in the Cybersecurity Team and will be responsible for the shift-based operations of Cyber incident detection, response, containment, and recovery (hereby referred to as Incident Response (IR)) as well as support forensics and root cause analysis activities. In the immediate term, there will need to also be coverage for up-time support and troubleshoot interoperability issues for end point security agents such as MDE, VPN The role’s scope is global and will include IR for the IT footprint, in addition to decentralized technology teams including manufacturing system support teams, ADI’s Engineering Enablement group, Cloud Product Solutions teams, and Central AI and Data. Responsibilities also include ensuring continued alignment with industry, regulatory, and customer compliance standards within the IR domain.

The ideal candidate will have the following demonstrated experience and capabilities aligned to the listed expectations of the role:

• Provide management for the Cyber Defense regional operations team, to deliver operational excellence in pursuit of a ‘best in class’ program.
• Ongoing lifecycle management and support of cybersecurity detection and response service’s needs
• Accounting for the build of a multi-tenant/multi-stakeholder IR monitoring support model.
• Integration of diverse cybersecurity tools, processes and services with scale and streamlined operations at the core of design decisions.
• Operate in accordance with industry accepted standards and the internally developed Cybersecurity program.
• Bring operational passion to run, and continuously improve, this critical technical IR function in the organization.
• Disciplinary knowledge; leverage business acumen and technical expertise.
• Detailed understanding in range of security domains: software, data and infrastructure (Network, server, end point), threat modeling, encryption, and related security controls.
• Experience with security of data center, co-lo, cloud and cloud native infrastructure and integration.
• Experience delivering highly available security solutions.
• Applied knowledge of tuning IR detection tools to reduce false positives while not losing visibility into threats.
• Ensuring tool choices and decisions consider interoperability success for gathering telemetry across a highly heterogeneous technology footprint (e.g agents are tested for successful Windows, Mac and Linux and account for interoperability tuning for successful co-existence with a wide variety of software applications.)
• Knowledge of embedded system security and related secure connectivity a plus (IIoT).
• Follow the Cybersecurity Incident Response (IR) plan including:
• Update the contents of the IR plan and related run books over time
• Participate in periodic IR tabletop exercises.
• Preserve forensic integrity during response activities to extent possible.
• Project and Operational Capability Management:
• Lead Cybersecurity Vendor Management for COTS software and SaaS tools (up-time, renewals, upgrades, etc.).
• Prioritize and plan projects and provide stakeholder management to ensure success.
• Adapt project deliverables, programs or methods based on customer or business partner feedback without compromising on cybersecurity posture (e.g. be open to creative or innovative means to solve problems in less intrusive ways).
• Successfully support audits and execute on action plans to closure:
• Timely response to, and assistance with, due diligence and internal / external security audit requests as needed.
• History of developing and tracking to closure, action plans from internal or external 3rd party Cybersecurity assessments
• Support ADI’s growth strategy by developing and being able to deploy a rapid monitoring integration model that provides visibility into M&A tech footprint quickly, while setting up for longer term integration alignment requirements and needs.
• In-depth understanding of ADI’s goals, customer requirements and knowledge of competitor practices a plus
• Demonstrated knowledge of MS office suite of products
• Occasional travel to various ADI locations may be required.

Education

• Undergraduate degree or equivalent professional experience plus 7+ years relevant experience, or
• Graduate degree and 5 years relevant experience.
• Preferred certifications: ISC CISSP, GIAC, CISA SSCP, CEH, SANS GIAC, and/or Offensive Security OSCP

For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls. As such, applicants for this position – except US Citizens, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) – may have to go through an export licensing review process.
Analog Devices is an equal opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.
Job Req Type: Experienced
Required Travel: No
Shift Type: Variabl

• Provide management for the Cyber Defense regional operations team, to deliver operational excellence in pursuit of a ‘best in class’ program.
• Ongoing lifecycle management and support of cybersecurity detection and response service’s needs
• Accounting for the build of a multi-tenant/multi-stakeholder IR monitoring support model.
• Integration of diverse cybersecurity tools, processes and services with scale and streamlined operations at the core of design decisions.
• Operate in accordance with industry accepted standards and the internally developed Cybersecurity program.
• Bring operational passion to run, and continuously improve, this critical technical IR function in the organization.
• Disciplinary knowledge; leverage business acumen and technical expertise.
• Detailed understanding in range of security domains: software, data and infrastructure (Network, server, end point), threat modeling, encryption, and related security controls.
• Experience with security of data center, co-lo, cloud and cloud native infrastructure and integration.
• Experience delivering highly available security solutions.
• Applied knowledge of tuning IR detection tools to reduce false positives while not losing visibility into threats.
• Ensuring tool choices and decisions consider interoperability success for gathering telemetry across a highly heterogeneous technology footprint (e.g agents are tested for successful Windows, Mac and Linux and account for interoperability tuning for successful co-existence with a wide variety of software applications.)
• Knowledge of embedded system security and related secure connectivity a plus (IIoT).
• Follow the Cybersecurity Incident Response (IR) plan including:
• Update the contents of the IR plan and related run books over time
• Participate in periodic IR tabletop exercises.
• Preserve forensic integrity during response activities to extent possible.
• Project and Operational Capability Management:
• Lead Cybersecurity Vendor Management for COTS software and SaaS tools (up-time, renewals, upgrades, etc.).
• Prioritize and plan projects and provide stakeholder management to ensure success.
• Adapt project deliverables, programs or methods based on customer or business partner feedback without compromising on cybersecurity posture (e.g. be open to creative or innovative means to solve problems in less intrusive ways).
• Successfully support audits and execute on action plans to closure:
• Timely response to, and assistance with, due diligence and internal / external security audit requests as needed.
• History of developing and tracking to closure, action plans from internal or external 3rd party Cybersecurity assessments
• Support ADI’s growth strategy by developing and being able to deploy a rapid monitoring integration model that provides visibility into M&A tech footprint quickly, while setting up for longer term integration alignment requirements and needs.
• In-depth understanding of ADI’s goals, customer requirements and knowledge of competitor practices a plus
• Demonstrated knowledge of MS office suite of products
• Occasional travel to various ADI locations may be required