Amgen Jobs

Mobile Amgen Logo

Job Information

Amgen Sr. Associate - Cyber Threat Intelligence in Bucharest, Romania

Narrative:

The Senior Associate Cyber Threat Intelligence Engineer plays an integral role in Information Security for Amgen. The primary responsibility is to support various capabilities within Information Security like security monitoring, endpoint protection, cyber threat intelligence, vulnerability management and others. The Cyber Threat Intelligence Engineer will work with various stakeholders at Amgen in a manner aligned to Amgen’s values to define and implement Information Security Services strategies, standards, tools and processes.

This Cyber Threat Intelligence Engineer will work with other Amgen teams like Security Operations on architecting, designing, and implementing technologies, processes, and other improvements in assigned Information Security capabilities. This will also include participation in on-call activities.

The Cyber Threat Intelligence Engineer will be a part of Amgen’s Information Security team and will be expected to contribute to and help deliver services and projects in other areas of information security.

The role will be part of the Information Security team responsible for delivering security services across Amgen globally. This position will focus on Threat & Vulnerability Management services and technologies but will support the Cyber Security Operations Center. Areas of responsibility include:

  • Monitor external intelligence ingestion and provide metrics for management

  • Contribute to periodic intelligence reports and summaries on various actors and events to senior leadership; participate in related company and/or industry joint intelligence operations activities

  • Provide support and for the organization’s day-to-day counterintelligence and insider threat programs

  • Maintain knowledge of the threat landscape by monitoring open and closed intelligence sources

  • Conduct deep-dive intelligence analysis of suspicious activity and attempted attacks

  • Automate responses to intelligence sources establish end-to-end playbooks

  • Support Cyber Security Operations Center on security incidents including contributing to mock security incident exercises.

  • Build upon existing capability, recommending cutting-edge tools and procedures to detect threats and protect the firm’s intellectual property and assets

  • Produce and share confirmed indicators and intelligence with trusted communities

  • Continuous improvement of relevant intelligence sources and methods

  • Maintain current workflows and develop new ones as needed

  • Implement and maintain API integrations between internal systems to provide enrichment and support workflows

  • Advise incident responders as they develop and coordinate response, containment and remediation capabilities as appropriate

  • Assisting entities in support of formal investigations and/or inquiries to resolve insider threat related matters, employee misconduct, or violations of law

  • Management of technologies and processes relating to assigned Information Security capability including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the service

  • Define, provide, and improve metrics on the assigned services including the use of appropriate applications and tools for reporting

  • Develop or participate in the development of business cases and presentations on information security technologies of interest to Amgen

  • Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services.

  • Participate in on-call and perform appropriate escalation of problems and issues

  • Develops, implements, and sustains operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment.

  • Analyzes, designs, develops and operates programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.

  • Collaborates cross-functionally with analysts, engineers, data scientists to achieve continuous improvement in cyber defense/resilience.

Cyber Threat Intelligence Engineer will also present project status reports to senior management, adhere to policies and practices relative to technical guidelines and change management processes, and may contribute to the development of new policies and practices by suggesting innovative ideas.

Minimum Qualifications:

  • Bachelor’s degree or higher-level education or work experience equivalent.

  • 3 years experience in Information Security

  • Excellent written and verbal communication skills

  • Passionate, collaborative and results oriented

  • Clear understanding of and ability to manage cognitive biases

  • Ability to relate same to development of information and intelligence reports

  • Detailed knowledge of Windows and/or Linux systems and associated scripting languages

  • Entry level security certification (CompTIA Security+, Microsoft MTA Security, ISACA CSX, GISF, SSCP)

  • Demonstrated experience working with any of the following:

  • Security Information and Event Management

  • Vulnerability Management

  • Endpoint Security

  • Web Security

  • Incident Response

  • Detailed knowledge of Firewalls, Enterprise E-mail Systems and / or Incident Management.

  • Log analysis capabilities for various security systems or infrastructure devices

  • Attention to detail and focus on providing vetted information

Desired Qualifications:

  • Intelligence Community experience and/or experience at an international institution conducting cyber or security/intelligence related work

  • Working knowledge of global threats to international cyber security, and conversant in the tactics, techniques and procedures used by cyber adversaries

  • Experience with analytical problem solving and familiar with conducting operations relating to insider threat, counterintelligence investigations, and counterespionage.

  • Microsoft`s MCSA / MCSE certifications

  • 5+ years experience in Information Security

  • Static and dynamic malware analysis

  • Develops, implements, and sustains operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment.

  • Analyzes, designs, develops and operates programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.

  • Collaborates cross-functionally with analysts, engineers, data scientists to achieve continuous improvement in cyber defense/resilience.

Preferred Certifications (Any):

  • GCIA, GPEN, GWAPT, GCIH, GSEC, OSCP, OSCE, OSCP

  • Insider Threat Program Manager (ITPM), Insider Threat Vulnerability Assessor (ITVA)

Join Us

If you're seeking a career where you can truly make a difference in the lives of others, a career where you can work at the absolute forefront of biotechnology with the top minds in the field, you'll find it at Amgen.

Amgen, a biotechnology pioneer, discovers, develops and delivers innovative human therapeutics. Our medicines have helped millions of patients in the fight against cancer, kidney disease, rheumatoid arthritis and other serious illnesses.

As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other but compete intensely to win. Together, we live the Amgen values as we continue advancing science to serve patients.

DirectEmployers