We’re looking for people who are determined to make life better for people around the world.
Eli Lilly Cork is made up of a talented diverse team of over 1,600 employees across 38 nationalities who deliver innovative solutions that add value across a variety of Business Service functions including Finance, Information Technology, Medical, Clinical Trials and more.
Eli Lilly Cork offers a premium workspace across our campus in Little Island, complete with flexible hybrid working options, healthcare, pension and life assurance benefits, subsidised canteen, onsite gym, travel subsidies and on-site parking. Inhouse People Development services, Educational Assistance, and our ‘Live Your BEST Life’ wellbeing initiatives are just some of the holistic benefits that enhance the career experience for our colleagues.
Eli Lilly Cork is committed to diversity, equity and inclusion (DEI). We cater for all dimensions ensuring inclusion of all ethnicities, nationalities, cultural backgrounds, generations, sexuality, visible and invisible disabilities and gender, with four pillars: EnAble, Age & Culture, LGBTQ+ and GIN-Gender Inclusion Network. EnAble, our pillar for people with disabilities and those that care for them, partners with the Access Lilly initiative to make our physical and digital environment accessible and inclusive for all. Together they are committed to promoting awareness to create a disability confident culture both at Eli Lilly Cork and beyond.
Come join our team - Be Creative, Be an Innovator, and most of all, Be Yourself.
Cloud Security Architect
Main Attributes:
1. Job description: The successful candidate will lead security architecture reviews focusing on cloud security and serve as a line supervisor onsite in Cork, Ireland for team members across several cyber functions.
2. Qualifications : Deep technical expertise with a strong focus on cloud security, exceptional analytical and critical thinking skills, proven ability in influencing security strategy and vision, strong communication skills, capable of engaging with both technical and non-technical audiences, demonstrated experience in developing security architecture and guidelines.
3. Key responsibilities :The candidate will conduct security architecture reviews, drivesecurity improvements through threat modeling and risk assessment, and develop reference architectures, design patterns, and security guidelines.
4. Team management and collaboration: The candidate will inspire and motivate team members to achieve their full potential, assess their skills and capabilities, and foster a culture of continuous learning and development. The candidate will also collaborate effectively with various stakeholders across the organization, such as legal,, business areas, auditory, privacy, quality and regulatory authorities.
What You'll Be Doing:
As a Cloud-Focused Security Architect at Lilly on the Security Architecture and Engineering team, you will play a pivotal role in a dynamic environment. Your responsibilities include conducting security reviews, driving security improvements through threat modeling and risk assessment, and developing reference architectures, design patterns, and security guidelines, with a focus on cloud security.
In this technical supervisory role, you'll partner with various business units and IT teams to ensure secure technology deployment, aligning with Information Security and enterprise strategies. You will also mentor security engineers, oversee their projects, and contribute to the development of proactive approaches for the support, deployment, and optimization of security toolsets.
How You'll Succeed:
5. Leadership & communication skills: You will actively collaborate with both local and remote team members, playing a pivotal role in defining, designing, and executing security strategies.Excellent communication, leadership, and analytical skills are essential for this role. Ability to work collaboratively and influence other teams and stakeholders is imperative.
6. Agility: The ability to quickly adapt to the changing threat landscape, iterate and move at the pace of the adversary is critical to success in this role.
7. Technical expertise: As a Security Architect, you will craft and help implement tailored security solutions to effectively mitigate threats and risks, leveraging your deep technical knowledge in the field.
8. Problem-solving skills: Adept problem-solving abilities are crucial in quickly identifying and addressing threats and opportunities, ensuring the development and delivery of robust security solutions in a timely manner.
9. Knowledge of cloud security trends: This role requires staying abreast of the latest developments in cloud security. Integrating these insights into our practices, you will guide and mentor your team towards achieving excellence in security measures.
10. Balancing security and operational needs: You will balance stringent security guidelines with operational requirements, maintaining the desired corporate security posture while demonstrating empathy and understanding towards the engineering teams' challenges and needs.
Key Responsibilities:
11. Conduct security consulting engagements across the company, focusing on improvements in threat modeling and risk assessment.
12. Develop and maintain technical specifications, design patterns, standards as code, and security guidance, with a particular emphasis on cloud security.
13. Perform threat analysis and modeling to enable business and technical partners to deliver secure solutions integrated with the SecOps lifecycle.
14. Apply threat modeling and analysis frameworks such as MITRE ATT&CK and STRIDE (or STRIDE-LM) in security practices.
15. Utilize security controls (Cloud Security Matrix, NIST CSF, CIS Critical Security Controls, etc.) and architecture frameworks (TOGAF, SABSA, etc.) to develop and document technical architecture references, security guidelines, and standards.
16. Work closely with partners, including executive leadership inside and outside of Information Security, to identify opportunities to use technology to solve information security and business problems.
17. Maintain and expand technical knowledge across security concepts and technologies, driving knowledge growth across security domains.
18. Identify technical solutions and drive implementation to support strategic direction, focusing on value, impact, risk mitigation, security controls, privacy controls, detection, response, and quality.
19. Prioritize mitigations in relation to technology upgrades, enhancements, and process improvements within the respective domains of accountability.
20. Mentor and supervise security engineers, fostering their professional growth and overseeing their threat modeling projects.
What You Should Bring:
21. Proficiency in common services used in cloud-based architectures, with expertise in at least one major cloud vendor (AWS, GCP, or Azure).
22. Strong understanding of secure application development, threat mitigation tools, and techniques.
23. Experience in addressing consumer data regulations and integrating regulatory and industry standards (ISO/IEC, PCI DSS, SOX, HIPAA, FDA, GDPR, CCPA) into cybersecurity designs.
24. Knowledge in cybersecurity aspects of M&A integrations and experience with enterprise-level IT applications and infrastructure.
25. Broad knowledge across multiple technology areas, coupled with deep experience in specific domains.
26. Exceptional critical thinking, analytical reasoning, and thought leadership capabilities.
27. Proven ability to define and influence security strategy and vision, while also providing guidance on tactical security initiatives.
28. Excellent communication, presentation skills, and ability to adapt messaging for diverse audiences.
29. Experience in developing and documenting architecture references, security guidelines, standards, and in applying security controls (Cloud Security Matrix, NIST CSF, CIS Critical Security Controls).
30. Strong experience in threat analysis and modeling, comprehensive understanding of Cybersecurity Engineering/Operations, Incident Response, GRC functions, and demonstrated mentorship skills with a willingness to coach and oversee the work of junior staff.
Your Basic Qualifications:
31. Bachelor’s Degree in Cyber Security, Computer Science, Information Technology or related field
Or
32. High School Diploma/GED with 4+ years of experience in Cyber Security, Information Technology, or related field.
And
5-10 years demonstrated experience in cloud architecture and security.
Lilly does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
#WeAreLilly