At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.
What You'll Be Doing:
The Advisor, SecOps Engineering - Cyber Tech Services is responsible for the strategy, roadmap, and continuous improvement of the company's cyber operations platforms and services globally. This includes email security, governance/risk/compliance (GRC), automation, and other tools supporting the cybersecurity team's operations.
What You Should Bring:
Technology Strategy & Roadmap:
- Define the strategic vision and roadmap for cyber ops services aligned with security program objectives
- Evaluate emerging cybersecurity technologies and vendors to guide roadmap decisions
- Develop and maintain an integrated global roadmap consolidating input across teams and regions
Service Optimization & Automation:
- Drive optimization of cyber ops platforms for performance, scalability, integration, and cost-efficiency
- Implement automation and orchestration to increase operational agility and reduce toil
- Streamline processes and handoffs between cyber ops tools and upstream/downstream systems
- Foster an environment focused on operational excellence, continuous learning and innovation
GRC Program Enablement:
- Ensure GRC platforms enable effective risk assessments, control testing, audit reporting and compliance
- Assist GRC team with aligning GRC tooling with security frameworks like NIST CSF, ISO 27001, etc.
- Support integration of GRC with other security tools for a unified view of risks and controls
Email & Content Security:
- Oversee strategy and operations for email security and related services
- Implement modern email security controls to protect against phishing, malware, and data exfiltration
- Drive adoption of email security capabilities across the enterprise through awareness and training
Other Cyber Tech Platforms:
- Work with stakeholders across cybersecurity functions to identify new/emerging platforms to bring under Cyber Tech Services
Vendor & License Management:
- Evaluate, select and manage cyber ops vendors/products through RFPs and commercial negotiations
- Optimize licensing costs through consolidation and centralized procurement
- Manage software licenses, maintenance renewals, and vendor audit processes
Stakeholder Engagement:
- Engage with security leadership, IT, compliance, privacy and business stakeholders to understand needs
- Evangelize the cyber ops strategy and drive alignment across teams
- Represent cyber ops in architecture governance and technology investment boards
Your Basic Qualifications:
Bachelor's degree in computer science, information systems, cybersecurity or related field
OR a high school diploma with 12+ years cyber experience
10+ years of experience in cybersecurity operations, preferably with service provider or large enterprise
5 + years of experience in technology strategy and roadmap planning
3+ years of experience administering email security, GRC, automation, or cloud security solutions
Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position
Additional Preferences:
Ability to map technical capabilities to security risks, compliance requirements and business priorities
Strong collaboration, communication and stakeholder management skills
Experience managing cross-functional projects and virtual teams in a global environment
Knowledge of security frameworks like NIST CSF, ISO 27001, COBIT, etc.
Proven ability to optimize operational costs and capital expenditure budgets
Relevant certifications in cybersecurity operations, GRC, etc. preferred
Additional information:
Remote
Local candidates will be required to work a hybrid model at the Lilly Corporate Center in Indianapolis, Indiana.
Lilly currently anticipates that the base salary for this position could range from between $135,000 to $211,400 and will depend, in part, on the successful candidate’s qualifications for the role, including education and experience. Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities). Of course, the compensation described above is subject to change and could be higher or lower than the range described above. Further, Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form (https://careers.lilly.com/us/en/workplace-accommodation) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.
Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.
#WeAreLilly