Regional Lead, External Threat Response

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 39,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

As the Regional Lead, External Threat Response, you will play a critical role in safeguarding Lilly against cyber threats, ensuring seamless integration with our Global Cyber Defense Operations (GCDO).   In this dual-role, you will be expected to both perform analysis and lead a team of regional analysts who specialize in detecting, analyzing, and responding to cyber threats.

Integration with Global Cyber Defense Operations:

• Work closely with the global cyber defense operations organization to integrate regional threat response efforts.
• Ensure seamless information sharing, joint exercises, and alignment of processes.
• Contribute to the development of global threat response playbooks.

Leadership and Strategy:

• Execute the Global Cyber Defense Operations (GCDO) strategic integration vision for within your region.
• Collaborate with the global GCDO organization to align threat response efforts with organizational goals.
• Stay abreast of emerging threat landscapes and adjust strategies accordingly.

Team Management:

• Lead and mentor a team of regional analysts responsible for monitoring and responding to external threats.
• Foster a collaborative and high-performing culture within the team.
• Ensure analysis and attack memorialization is conducted to the GCDO standard.

Threat Detection and Analysis:

• Oversee the identification and assessment of external threats targeting our systems, networks, and data.
• Coordinate with other security teams to correlate threat intelligence and enhance detection capabilities.
• Conduct and fully document in-depth analysis of incidents to understand attack vectors and patterns.

Incident Response Coordination:

• Act as the point of contact for GCDO within your region.
• Collaborate with enterprise teams to ensure timely and effective mitigation.
• Facilitate communication and coordination during critical incidents.

Basic Requirements:

• Bachelor’s Degree in Computer Science/Information Technology or related field
• 7-10 years of Information Security related experience.

Additional Skills/Preferences :

• Information Security Certifications such as: CISSP, CISM, GCIH, GCIA, GCFA, GREM.
• 2 or more years of computer forensics.
• Information Security experience focused on cloud environments.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
• Knowledge of network traffic analysis methods.
• Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation state sponsored).
• Skill in preserving evidence integrity according to standard operating procedures and industry standards.
• Skill in performing damage assessments.
• Perform cyber defense trend analysis and reporting.
• Certifications addressing identification of malicious system and user activity, incident response in an enterprise environment, incident response process and framework, timeline artifact analysis, timeline collection, timeline processing, volatile data collection, filesystem structure and analysis, artifact analysis

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( Lilly_Recruiting_Compliance@lists.lilly.com ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

#WeAreLilly