Amgen Security Operations Manager in Bucharest, Romania
The Incident Response Manager will be part of a global team and will work with its US-based counterpart to oversee all day-to-day 24hr operations and functions provided by the Cyber Security Operations Center.
You will be directly responsible for organizing, training and equipping Amgen employees and contractors in a manner directly aligned with Amgen’s culture, principles and core values.
In the capacity of Incident Response Manager, you will craft or oversee all security operations standard operating procedures, field manuals, and operating instructions. As part of the investigation or remedial processes, you will have to engage with key business and operational partners in managing the detection, response, and remediation of cyber-related attacks on Amgen’s global enterprise.
The IR/Cyber Security Operations Manager is a leader in Amgen’s Cyber Security Organization and is expected to contribute to and deliver services and projects that support the mission, priorities, and objectives of the organization.
You will lead European Global Incident Response (IR) Operations and co-lead the Cybersecurity SOC along with the US-based Incident Response Manager to ensure continuity of 24/7 security services. Areas of responsibility include:
Develop strategy and continuous improvement for the Global Incident Management Program
Fulfills critical role as Incident Response Commander directly responsible for IR activities throughout Amgen’s European and Asia Pacific Region
Provides direction and guidance for workforce job proficiency by establishing and maintaining a comprehensive professional development plans
Lead security event monitoring, management, and response
Deliver accurate incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring
Ensure SLA compliance and process consistency to achieve operational objectives
Lead integration of standard and non-standard logs in Security Information and Event Monitoring (SIEM) solution
Revise and develop processes to strengthen Security Operations
Manage team to include staff augmentation (CW) and outsourced services pertaining to the CSOC
Lead coordination efforts with necessary partners to better understand activity or actions and their impact on Amgen's environment.
Maintain and upkeep relevant playbooks for response
Translate complex technical incidents into business language and be able to present the same to different audiences
Demonstrate, integrate, and collaborate on enhancing existing information security solutions and services to address any gaps or deficiencies in the CSOC to address security risks.
Collaborate with other Information Security teams and provide CSOC insight to where limited information security controls or solutions are present
Lead efforts to integrate critical CSOC data into Information Security’s metrics program to enable critical strategic, operational, and tactical decisions making
Provide mentorship and training on areas of expertise to Information Security and Amgen teams
Collaborate, maintain and build relationships with Amgen and other parties that may impact Cybersecurity services and technologies
Doctorate degree in Engineering, Information Systems, or Computer Science & 2 years of directly related experience
Master’s degree in Engineering, Information Systems, or Computer Science & 5 years of directly related experience
Bachelor’s degree in Engineering, Information Systems, or Computer Science & 7 years of directly related experience
Associate’s degree in Engineering, Information Systems, or Computer Science & 12 years of directly related experience
High school diploma / GED & 15 years of directly related experience
Broad knowledge of the workings of security-related controls like firewalls, intrusion detection systems, anti-malware, secure gateways, security monitoring, data encryption, and other industry-standard techniques and practices.
Extensive experience with security application tools and systems, ie Cylance, Domain Tools, O365: Security & Compliance Module, QRadar, Phantom, Symantec Endpoint Protection, Tanium, Tufin, ThreatGrid
Ability to understand and quantify risks. Determine methods of addressing the risks and gaps to implement appropriate security controls
Proficient in Incident Management and Response
Experience in security device management and SIEM (QRadar, Splunk)
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Proficient in preparation of reports, dashboards and documentation
Good communication and leadership skills
Experience in performing vendor management
Ability to handle high-stress situations
Ability to piece together different and complex technologies and solutions to help provide a solution that meets security requirements
Thorough knowledge of digital network telecommunications including TCP/IP and other related network protocols.
Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others
Excellent verbal and written communication skills
Effective working in global teams with the ability to effectively communicate and interact with a broad range of people and roles
Accepts responsibility and personal accountability
Successful management of multiple priorities
Must be collaborative, placing priority on the successful completion of team goals
Must be highly motivated and able to work effectively under minimal supervision
Experience with complex technologies that impact security
Master Degree in Engineering, Information Systems, or Computer Science
At least 5 years as a security manager supporting a multinational organization
CISSP or equivalent security-related industry certifications
We understand that to successfully sustain and grow as a global enterprise and deliver for patients — we must ensure a diverse and inclusive work environment.
Amgen is an Equal Opportunity Employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.