Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
Lonza Morristown, NJ is looking for a Senior Cyber Security Analyst supporting the Security Operations team in the AMER region.
POSITION: Sr. Cyber Security Analyst
JOB LOCATION: 412 Mount Kemble Ave., Suite 200S, Morristown, NJ 07960 [and various unanticipated locations throughout the U.S.; may work from home]
DUTIES: Protect sensitive data and systems from threats within the Security Operations Center by implementing and monitoring the appropriate security controls. Assess potential systems and process vulnerabilities to determine security infrastructure requirements, advise stakeholders on associated risks treatment actions, and ensure changes are being performed to enhance systems security. Manage security incidents effectively as a level 2 and 3 Security Operations Analyst in a timely manner according to their priority. Furthermore, support the team in keeping the systems involved in the Security Operations up to date and configured as appropriate. Monitor networks and systems for potential threats . Perform initial analysis and primary triage of events reported through Endpoints. Conduct analysis of infected hosts or analyze network traffic to identify attacker activity. Research, design, and develop new information security controls. Identify business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level. Research, evaluate, and drive next generation security technologies and solutions to solve the organization’s needs. Manage solution development and deployment that adhere to best practices. Ensure persistent SAP environment monitoring and SOC (Security Operations Center) procedures/processes are in place to ensure continuous risk awareness/mitigation and compliance are maintained. Manage SAP Security incidents, vulnerabilities (including code review, patch management) and drive remediation with the SAP Solution Owners, Developers, and Authorization team to ensure adequate security practices are in place throughout SAP systems buildout to mitigate identified risks and to meet business objectives. Co-develop SAP associated policies, standards and controls. Develop security reference architectures and roadmap to help define the cybersecurity design and implementation of SAP systems. Manage SAP Security configuration, security baselines and monitor adherence to it. Oversee and document SAP security aspects of a new SAP environment, including vulnerability assessment, design, API security, data at rest, code review, access, and authentication. Evaluate (security) architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to SAP system requirements. Utilize SAP Security. Execute SAP authorizations and security hardening related topics in following SAP products: SAP ECC, SAP BTP, Gateway, SAP Solution manager, IBP Cloud, Ariba, Fieldglass, HANA Database. Identify business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level. Drive implementation of security controls in IT Infrastructure and Delivery org. Drive remediation of security incidents and put remediation actions in place as appropriate. Utilize an understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries (e.g., PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA, and TCG). Assess and understand risks with SecurityBridge.
MINIMUM REQUIREMENTS: Requires a Bachelor’s degree, or foreign equivalent degree in Computer Information Systems, Electronic Engineering, or Cyber Security and five (5) Years of progressive, post-baccalaureate experience in the job offered or five (5) Years of progressive, post-baccalaureate experience in a related occupation utilizing SAP Security; executing SAP authorizations and security hardening related topics in following SAP products: SAP ECC, SAP BTP, Gateway, SAP Solution manager, IBP Cloud, Ariba, Fieldglass, HANA Database; identifying business impact, risk and select appropriate controls to achieve effective asset protection at an appropriate cost level; driving implementation of security controls in IT Infrastructure and Delivery org; driving remediation of security incidents and put remediation actions in place as appropriate; assessing and understanding risks with SecurityBridge; and utilizing an understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries (e.g., PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA, and TCG).
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.
Lonza is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a qualified individual with disability, protected veteran status, or any other characteristic protected by law.