Senior Cyber Security Analyst
US - Morristown, NJ
Lonza
Lonza is one of the world’s largest healthcare manufacturing organizations, helping pharmaceutical, biotech and nutrition companies to bring their treatments to market.
Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
Lonza Morristown, NJ is looking for a Senior Cyber Security Analyst supporting the Security Operations team in the AMER region.
POSITION: Sr. Cyber Security Analyst
JOB LOCATION: 412 Mount Kemble Ave., Suite 200S, Morristown, NJ 07960 [and various unanticipated locations throughout the U.S.; may work from home]
DUTIES: Protect sensitive data and systems from threats within the Security Operations Center by implementing and monitoring the appropriate security controls. Assess potential systems and process vulnerabilities to determine security infrastructure requirements, advise stakeholders on associated risks treatment actions, and ensure changes are being performed to enhance systems security. Manage security incidents effectively as a level 2 and 3 Security Operations Analyst in a timely manner according to their priority. Furthermore, support the team in keeping the systems involved in the Security Operations up to date and configured as appropriate. Monitor networks and systems for potential threats . Perform initial analysis and primary triage of events reported through Endpoints. Conduct analysis of infected hosts or analyze network traffic to identify attacker activity. Research, design, and develop new information security controls. Identify business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level. Research, evaluate, and drive next generation security technologies and solutions to solve the organization’s needs. Manage solution development and deployment that adhere to best practices. Ensure persistent SAP environment monitoring and SOC (Security Operations Center) procedures/processes are in place to ensure continuous risk awareness/mitigation and compliance are maintained. Manage SAP Security incidents, vulnerabilities (including code review, patch management) and drive remediation with the SAP Solution Owners, Developers, and Authorization team to ensure adequate security practices are in place throughout SAP systems buildout to mitigate identified risks and to meet business objectives. Co-develop SAP associated policies, standards and controls. Develop security reference architectures and roadmap to help define the cybersecurity design and implementation of SAP systems. Manage SAP Security configuration, security baselines and monitor adherence to it. Oversee and document SAP security aspects of a new SAP environment, including vulnerability assessment, design, API security, data at rest, code review, access, and authentication. Evaluate (security) architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to SAP system requirements. Utilize SAP Security. Execute SAP authorizations and security hardening related topics in following SAP products: SAP ECC, SAP BTP, Gateway, SAP Solution manager, IBP Cloud, Ariba, Fieldglass, HANA Database. Identify business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level. Drive implementation of security controls in IT Infrastructure and Delivery org. Drive remediation of security incidents and put remediation actions in place as appropriate. Utilize an understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries (e.g., PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA, and TCG). Assess and understand risks with SecurityBridge.
MINIMUM REQUIREMENTS: Requires a Bachelor’s degree, or foreign equivalent degree in Computer Information Systems, Electronic Engineering, or Cyber Security and five (5) Years of progressive, post-baccalaureate experience in the job offered or five (5) Years of progressive, post-baccalaureate experience in a related occupation utilizing SAP Security; executing SAP authorizations and security hardening related topics in following SAP products: SAP ECC, SAP BTP, Gateway, SAP Solution manager, IBP Cloud, Ariba, Fieldglass, HANA Database; identifying business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level; driving implementation of security controls in IT Infrastructure and Delivery org; driving remediation of security incidents and put remediation actions in place as appropriate; assessing and understanding risks with SecurityBridge; and utilizing an understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries (e.g., PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA, and TCG).
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.
Lonza is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a qualified individual with disability, protected veteran status, or any other characteristic protected by law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Cloud Compliance FedRAMP GLBA HIPAA IT infrastructure Monitoring NIST SAP SOC SOX Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DoD-related jobs