Specialist IS Security Engineer



Job Summary:

The Specialist IS Security Engineer plays an integral role in Information Security for Amgen. The primary responsibility is to support various functions within Information Security especially in the areas of Technical Security. The Specialist IS Security Engineer will work with various stakeholders at Amgen in a manner aligned to Amgen’s values to define and implement Information Security Services strategies, standards, tools and processes.

This Security Engineer will work with other Amgen teams like Security Operations on architecting, designing, testing and implementing technologies, processes, and other improvements in incident response, threat intelligence, threat mitigation, risk assessment and related areas. This will also include participation in on-call activities.

The Specialist IS Security Engineer will be a part of Amgen’s Information Security team and will be expected to contribute to and help deliver services and projects in other areas of information security.

Job Responsibilities:

The role will be part of the Information Security team responsible for delivering security services across Amgen globally. This position will focus on Cybersecurity services and technologies but will support Threat and Vulnerability Management. Areas of responsibility include:

  • Management of technologies and processes relating to threat and vulnerability management including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the service
  • Keep up-to-date, make recommendations, and lead or participate in the implementation of technologies and services in penetration testing, vulnerability management, threat intelligence and incident response domains
  • Work with and provide guidance to Security Operations and other Information Security team activities on security strategies, processes, response and technologies
  • Provide relevant threat intelligence to Information Security that is of importance to Amgen
  • Support on security incidents including contributing to mock security incident exercises
  • Define, provide and improve metrics on the assigned services including the use of appropriate applications and tools for reporting
  • Define, lead and execture red team/blue team excersises
  • Develop or participate in the development of business cases and presentations on information security technologies of interest to Amgen
  • Advise project teams, application owners, and other Information Security teams on information security controls
  • Perform security design consulting in support of projects
  • Perform penetration tests and technical security assessements
  • Participate in projects or initiatives where an IS Security Engineer is needed with a focus on ensuring inclusion of information security requirements
  • Provide mentorship and training on areas of expertise to Information Security and Amgen teams
  • Collaborate, maintain and build relationships with Amgen and other parties that may impact Threat and Vulnerability Management services and technologies
  • Participate in audits covering information security services and technologies
  • Provide support for forensic investigations, eDiscovery and data preservation on an as-needed basis
  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services
  • Participate in on-call and perform appropriate escalation of problems and issues

Specialist IS Security Engineers will also present project status reports to senior management, adhere to policies and practices relative to technical guidelines and change management processes, and may contribute to the development of new policies and practices by suggesting innovative ideas.

Doctorate degree
Master’s degree & 3 years of directly related experience
Bachelor’s degree & 5 years of directly related experience
Associate’s degree & 10 years of directly related experience
High school diploma / GED & 12 years of directly related experience

Romania-Based role:

  • Strong demonstrated knowledge and experience identifying and responding to threats specifically on different forensic and defensive technologies (e.g., IPS, Encase), security information and event management solutions (e.g., QRadar).
  • Experience in using and managing Linux-based operating systems and developing Perl or Python scripts
  • Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others
  • Extensive background in identifying threats and data exposure using Open-Source intelligence (OSINT) techniques
  • Excellent verbal and written communication skills
  • Demonstrated success in leading multi-functional initiatives without formal authority through the use of strong influencing and negotiating skills
  • Effective working with global, virtual teams
  • Successful management of multiple priorities
  • Must be team-oriented, placing priority on the successful completion of team goals
  • Self-starter with a high degree of initiative
  • Must be highly motivated and able to work effectively under minimal supervision
  • Experience with regulated systems (GxP, SOX) in the pharmaceutical, biotechnology, healthcare industry
  • Excellent analytical and troubleshooting skills
  • Experience with complex technologies that impact security
  • Experience with technical documentation as it relates to the delivery of information security services in a regulated environment
  • Master Degree in Engineering, Information Systems, or Computer Science
  • At least 5 years as a senior security engineer supporting a multinational organization
  • Certifications: GCIA, GPEN, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP, or similar certification

Read Full DescriptionHide Full Description
Confirmed 13 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles

One Step Register
Need an account? Sign Up