Associate Director, Incident Response and Forensics
Company: CSL Behring
Location: King of Prussia
Posted on: March 23, 2026
|
|
|
Job Description:
Job Description CSL is looking for a highly technical and
detail-oriented leader in the DFIR space that specializes in
digital forensics, malware analysis, threat detection, and the
fast-paced excitement of supporting incident response activities.
As the leader of our Digital Forensics and eDiscovery team, you
will be responsible to support and grow a global team, own the
strategy and direction for the people, processes, and technology to
fulfill your mission, and partner deeply with our Security
Operations, Data Loss Prevention, and Threat Intelligence teams to
help CSL defend itself from cyber attacks. You will direct the
adoption of new tools and technologies to further your goals. The
position holder: Leads a global team to apply security incident
handling processes for CSL to successfully support the
cybersecurity and information security incident response process
to: Prepare for Identify Contain Eradicate Recover from
cybersecurity events The role will lead a global team of digital
forensics, incident response and eDiscovery analysts that will:
Work closely with the Director, Security Operations to develop and
implement a cybersecurity threat analysis structure of common
attack techniques to evaluate an attacker's spread through a CSL
system, platform and or network. Develop and maintain a continuous
upskilling program for your team to increase skills and overall
capability maturity Identify and implement tools to determine
attack types and choose appropriate defenses and response tactics
for each Derive Indicators of Compromise (IOCs) from malicious
activity to strengthen incident response, threat detection, and
intelligence efforts Conduct in-depth forensic analysis of various
operating systems Examine traffic using common network protocols to
identify patterns of activity or specific actions that warrant
further investigation Detect and hunt for adversary tools, tactics,
and procedures (TTPs) across an enterprise environment Partner with
Compliance, Legal, Privacy, and other teams to perform internal
investigations pertaining to eDiscovery matters Demonstrates
thought leader-level abilities with, and/or a proven record of
success directing efforts in the following areas: Network Analysis
Computer Memory Analysis Endpoint Analysis Cyber Incident Lifecycle
NIST 800-61 Lead and supervise teams to create an atmosphere of
trust and seek diverse views to encourage improvement and
innovation, answer questions and provide direction to
less-experienced staff, coach staff including providing timely
meaningful written and verbal feedback Reports to Executive
Director, Enterprise Monitoring & Cyber Resilience Direct Reports –
This role will manage a team of Forensics, eDiscovery, Incident
Response and Threat Hunting SME’s and may have Project Managers,
Project Coordinators, Security Architects, and vendors or managed
service providers as direct and indirect reports based on security
project portfolio. Main Responsibilities and Accountabilities:
Participates in the hiring, growth, and development of junior
incident response staff in the areas of threat hunting, forensic
analysis, eDiscovery, litigation hold, incident resolution and
return to operations. Mentors and directs specially assigned
incident response project managers and their teams and program
management staff, and actively role models expected project
management and leadership behaviors and processes designed to
improve project results and the performance of the team. Position
Qualifications and Experience Requirements: Required: College
degree, preferably in a related technical subject; or advanced
degree in business or industry-related subject or equivalent
related work experience in cybersecurity and manufacturing.
Preferred: An advanced degree (MS) in a relevant discipline (or
equivalent) including cybersecurity, management information
systems, and related technologies related to manufacturing
cybersecurity. Project management certification / training
desirable / CISSP, CISM, CISO, GIAC-GCED, GIAC-GCIH, and/or
GIAC-CFE certification preferred. Essential Experience: 8 years
demonstrated experience leading global, multi-functional Digital
Forensics/Cybersecurity Incident Response teams (bio-pharma
manufacturing environment preferred but not mandatory) Strong
leadership, consultative, communication, and conflict management
skills to influence project leaders and stakeholders, including
non-specialists, at all levels in the organization and achieve team
objectives while maintaining a positive team environment. The
ability to train, mentor, and develop project managers in project
management methodologies and their application; the ability to
manage in a matrix environment. The ability to work on complex
problems where analysis of situation or data requires an in-depth
evaluation of various factors to achieve best results. The ability
to clearly communicate complex issues to senior management so that
critical issues are understood quickly and can be addressed
immediately. Strong strategic planning, quantitative, and decision
analysis capabilities. Strong project management and integration
skills; ability to coordinate all aspects of a project or program.
Demonstrated experience in developing, managing, and controlling
cross functional project budgets. 8 years’ experience using a
formal project management methodology, techniques and tools.
Proficiency and use of enterprise computer applications including
the Microsoft suite of products and project management software.
Desired Experience: Experience in biopharmaceutical industry
Experience in crafting enterprise incident response programs for a
global company – process and technical definition. About CSL
Behring CSL Behring is a global biotherapeutics leader driven by
our promise to save lives. Focused on serving patients’ needs by
using the latest technologies, we discover, develop and deliver
innovative therapies for people living with conditions in the
immunology, hematology, cardiovascular and metabolic, respiratory,
and transplant therapeutic areas. We use three strategic scientific
platforms of plasma fractionation, recombinant protein technology,
and cell and gene therapy to support continued innovation and
continually refine ways in which products can address unmet medical
needs and help patients lead full lives. CSL Behring operates one
of the world’s largest plasma collection networks, CSL Plasma. Our
parent company, CSL, headquartered in Melbourne, Australia, employs
32,000 people, and delivers its lifesaving therapies to people in
more than 100 countries. To learn more about CSL, CSL Behring, CSL
Seqirus and CSL Vifor visit https://www.csl.com/ and CSL Plasma at
https://www.cslplasma.com/. Our Benefits For more information on
CSL benefits visit How CSL Supports Your Well-being | CSL. You
Belong at CSL At CSL, Inclusion and Belonging is at the core of our
mission and who we are. It fuels our innovation day in and day out.
By celebrating our differences and creating a culture of curiosity
and empathy, we are able to better understand and connect with our
patients and donors, foster strong relationships with our
stakeholders, and sustain a diverse workforce that will move our
company and industry into the future. To learn more about inclusion
and belonging visit https://www.csl.com/careers/inclusion
-and-belonging Equal Opportunity Employer CSL is an Equal
Opportunity Employer. If you are an individual with a disability
and need a reasonable accommodation for any part of the application
process, please visit https://www.csl.com/accessibility
-statement.
Keywords: CSL Behring, Harrisburg , Associate Director, Incident Response and Forensics, IT / Software / Systems , King of Prussia, Pennsylvania
