Director, Enterprise Security

• Manage deep collaboration across Information Technology (IT), Product Security and Business Partners to execute strategic security priorities and drive continuous improvement of cybersecurity program.
• Design, implement, and operate cybersecurity processes and technologies across the enterprise.
• Manage a team of security professionals serving all aspects of security operations globally.
• Active management of external partnerships that serve in partnership to manage and monitor 24/7 security operations.
• Collaborate with the Security Strategy & Planning teams to develop roadmaps, enhancement strategies, and other transformational activities for the operations team
• Lead monitoring and detection capabilities for the security organization and the broader enterprise
• Lead vulnerability management for ongoing risk mitigation maintaining defined SLA’s in collaboration with internal and external stakeholders
• Lead Data Loss Prevention program for the detection and response to data exfiltration
• Manage Incident Response and Threat Intelligence to identify emerging threats and proactively identify mitigation plans specific to systems and services.
• Manage endpoint security including EDR, DLP, File Integrity and other endpoint solutions across on-prem and cloud solutions.
• Drive design and implementation of enterprise cloud security strategies in close collaboration with Security Architecture and Governance & Risk teams
• Liaise among the Enterprise Security team and other corporate departments and divisions.
• Proactively manage cybersecurity capability development, compromises, and respond to incidents
• Provide cybersecurity operations and configuration assurance
• Provide key performance and risk indicators for the CISO, Technology Services, and the board of directors
• Manage identification and mitigation of application cybersecurity risks
• Collaborate with Asset Management programs leader for the enhancements of existing systems and methodologies.
• Develop and test incident response strategies and communication plans

• 10+ years of experience in information security and 5+ years in a security leadership role
• Understand Agile Methodologies to manage a highly efficient team with clear outcomes and deliverables.
• Domain knowledge for the following cybersecurity capability areas: Vulnerability Management, Data Security and Protection, Cloud Security, Infrastructure Security, Identity and Access Management, Cyber Threat Operations, Cybersecurity Testing
• Understanding of the zero trust security model
• Excellent leadership, communication (written and oral), and interpersonal skills

• Strong organizational skills
• Excellent analytical and problem-solving skills
• Strong organizational skills to juggle multiple tasks within the constraints of timelines and budgets with business acumen
• Ability to work and thrive in a fast-paced environment, learn rapidly, and master diverse technologies and techniques
• Experience in technology strategy or consulting
• Proven success in contributing to a team-oriented environment
• Proven ability to work creatively and analytically in a problem-solving environment
• Experience with related tools and technology vendors (e.g., CrowdStrike)
• Minimum requirement for this U.S.-based position is the ability to work legally in the United States
• No visa sponsorship/support is available for this position, including for any type of U.S. permanent residency (green card) process

• Master’s or bachelor’s degree in Computer Science, Information Technology/Management, or related fields are a plus, but not required; practical experience is taken into consideration
• CISSP – Certified Information Systems Security Professional
• Strong understanding of enterprise security control frameworks (e.g., NIST, ISO)
• Strong understanding of cybersecurity risk frameworks (e.g., FAIR)
• CISM – Certified Information Security Manager
• CompTIA Security+

• Boston, MA or New England Region.
• Options for remote work is available

Bose is an equal opportunity employer that is committed to inclusion and diversity. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or any other legally protected characteristics. For additional information, please review: (1) the EEO is the Law Poster (http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf); and (2) its Supplements (http://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm). Please note, the company's pay transparency is available at http://www.dol.gov/ofccp/pdf/EO13665_PrescribedNondiscriminationPostingLanguage_JRFQA508c.pdf. Bose is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the application or employment process, please send an e-mail to Wellbeing@bose.com and let us know the nature of your request and your contact information.