Lead Information Security Engineer

Globus Medical, Audubon, PA

About The Position

At Globus Medical, we move with a sense of urgency to deliver innovations that improve the quality of life of patients with musculoskeletal disorders. Our team is inspired by the needs of these patients, and the surgeons and healthcare providers who treat them. We embrace a culture of exceptional response by partnering with researchers and educators to transform clinical insights into tangible solutions. Our solutions improve the techniques and outcomes of surgery so patients can resume their lives as quickly as possible.

Position Summary: We are seeking a Lead Information Security Engineer with deep expertise in threat detection, adversary‑focused defense, and security engineering. This senior role serves as the escalation point for complex security incidents, leads the development of advanced detection capabilities, and drives our proactive threat hunting program across cloud and on‑prem environments. The ideal candidate is highly technical, fluent in attacker tradecraft, and passionate about building automated, scalable defenses. This role directly influences our detection strategy, engineering roadmap, and overall security posture.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or related field.
  • Expert‑level experience with SIEM (Rapid7 preferred), EDR platforms, and modern threat detection tooling.
  • Strong understanding of cloud security (Azure strongly preferred; AWS/GCP a plus).
  • Deep familiarity with attacker tradecraft, lateral movement patterns, and malware analysis concepts.
  • Scripting (PowerShell, Python) for detection, automation, and pipelines.
  • Strong grasp of identity security, zero‑trust concepts, log engineering, and telemetry architecture.
  • Hands‑on experience in IR, threat hunting, DFIR, and detection content development.
  • Action Oriented: Bias for execution, strong ownership of outcomes.
  • Problem Solving: Expert analytical ability and structured investigative mindset.
  • Composure: Maintains clarity and calm in high‑pressure investigations.
  • Leadership: Mentors others, influences decisions, and leads complex technical initiatives.
  • Continuous Learning: Self‑driven research into emerging threats, tools, and techniques.
  • Required to sit; climb or balance; and stoop, kneel, crouch or crawl
  • Required to regularly lift and/or move up to 10 pounds, and occasionally lift and/or move up to 25 pounds
  • Required to possess specific vision abilities, including: close vision, distance vision, color vision, peripheral vision, depth perception and capacity to adjust focus

Nice To Haves

  • Advanced certifications preferred (e.g., GCIA, GCFA, GREM, GMON, GDAT, Azure/AWS Security).

Responsibilities

  • Threat Detection Engineering: Design, build, and maintain advanced detection logic across SIEM, EDR, cloud telemetry, and identity platforms.
  • Develop high‑fidelity detections mapped to MITRE ATT&CK, focused on attacker behavior—not just IOCs.
  • Engineer automated enrichment pipelines, correlation rules, custom parsers, and analytics to improve detection accuracy.
  • Partner with DevOps, Cloud, and Infrastructure teams to ensure logging, telemetry, and data quality support detection needs.
  • Proactive Threat Hunting: Lead structured and hypothesis‑driven threat hunts across enterprise environments.
  • Build and maintain threat hunting playbooks, procedures, and automation.
  • Research emerging threats, TTPs, vulnerabilities, and campaigns to proactively identify risks.
  • Perform retrospective analysis to uncover previously undetected activity.
  • Incident Response & Escalation: Serve as the technical escalation point for advanced incidents, intrusions, and complex investigations.
  • Guide analysts and engineers through containment, eradication, and recovery activities.
  • Perform in‑depth forensic analysis using EDR, logs, memory, network captures, and cloud artifacts.
  • Interface with leadership to deliver clear, data‑driven incident reports and recommendations.
  • Security Engineering & Automation: Develop custom tools, scripts, and integrations (PowerShell, Python, etc.) to automate detection, hunting, and response.
  • Continuously enhance security controls, endpoint hardening, and cloud security configurations.
  • Assist in evaluating, testing, and onboarding new security technologies and capabilities.
  • Governance, Metrics, & Cross‑Team Collaboration: Define key performance indicators (detection coverage, dwell time, fidelity, false‑positive trends).
  • Contribute to risk assessments, tabletop exercises, and red/blue/purple team engagements.
  • Mentor junior analysts/engineers and help mature operational and engineering capabilities.
  • Support audit, compliance, and readiness initiatives (ISO 27001, SOC, NIST).
  • Adheres to the letter and spirit of the company Code of Conduct, the AdvaMed Code, MedTech Code, and all other company policies.
  • Ensures compliance with applicable governmental laws, rules, and regulations, both in the United States and internationally, by completing introductory and annual training and maintaining knowledge of compliance as it applies to your role
  • Represents the company in a professional manner and upholds the highest standards of ethical business practices and socially responsible conduct in all interactions with other employees, customers, suppliers, and other third parties
  • Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.