Cyber Offensive Security Manager

Overview

Innovation starts from the heart. Edwards Lifesciences is the global leader of patient-focused innovations for structural heart disease and critical care monitoring. With millions of patients served in over 100 countries, each team makes a meaningful contribution by improving patient outcomes and discovering lasting solutions for unmet patient needs.

In this role, you will be leading the team responsible for cyber offensive and threat intelligence operations at Edwards Lifesciences. This team is critical to delivering unique threat insights and services that help protect Edwards’ mission of delivering innovative medical solutions that improve patient lives around the globe.

You will make an impact by:

• Developing and leading the execution and delivery of high-impact cyber offensive services and products in support of the business and its mission of serving patients.

• Planning, leading, and executing offensive security engagements, leveraging the latest cyber threat intelligence tailored to Edwards. Engagements include penetration tests, red team engagements, and purple team exercises across a diverse set of people, processes, and technologies supporting the business.

• Leading a team of cyber offensive testers/operators and cyber threat analysts. Defining and executing to clear expectations and goals for the team and individual team members.

• Implementing and managing an effective and efficient operating model and structure for consistently delivering high-quality services and products, safely and ethically.

• Planning, leading, and executing service engagements, leveraging the latest cyber threat intelligence tailored to Edwards. Engagements include penetration tests, red team engagements, and purple team exercises across a diverse set of people, systems, applications, and services supporting the business.

• Cultivating and delivering high-quality/high-value cyber threat intelligence products to various technical and non-technical stakeholders across the organization.

• Building cross-functional partnerships and workflows to maximize your team’s positive impact at Edwards.

• Effectively communicating, in verbal and written form, complex and technical subject matter to a wide variety of audiences.

What you'll need:

• Bachelor's degree in Computer Science, Information Security, Information Technology, or other related field.

• A minimum of 10 years of progressive experience executing and leading cyber offensive operations and engagements.

• Experience leading and mentoring a team of creative and technical professionals.

• Must have red team and/or purple team experience and must be able to plan, build, and execute these types of engagements.

• Must have enterprise infrastructure/network pentesting experience.

• High level of proficiency and experience with OPSEC-aligned techniques/practices/methodologies/tools/custom development used in executing safe and ethical on-site and remote cyber offensive engagements for mid-to-large scale enterprises across a diverse set of on-prem, mobile, and cloud-based environments, infrastructure, applications, and services.

• Experience designing, deploying, operating secure and resilient attack infrastructure.

• Experience implementing and executing against formal cyber offensive security and threat intelligence methodologies and frameworks.

• Understanding and experience with industry frameworks and methodologies covering adversary TTPs, attack patterns, threat modeling, cyber threat intelligence.

• Experience performing threat modeling.

• Understanding of common enterprise technologies, processes, and cloud-based services.

• Ability to collaborate and problem solve with other teams across various domains.

• Experience establishing and managing customer relationships.

• Experience developing and delivering reports and presentations for a diverse audience.

• Excellent verbal and written communication skills.

• Technical certification in the cyber offensive domain.

What else we look for:

• Security architecture and/or cyber detection and response experience.

• IT infrastructure and/or software development experience.

• Familiarity with OT/Manufacturing cybersecurity.

• Familiarity with Agile methodologies.