Want a 3D Career? Join Norgine.
At Norgine, our colleagues Dare themselves to be different and try new things, Drive to achieve their goals and beyond, and Develop themselves and their community.
We call it the 3D career at Norgine and it offers you a fully-rounded experience with no limits.
Bring everything about yourself that you’re proud of, whether that’s your passion for making a difference, focus on others’ well-being, or intellectual curiosity to unleash in a fast-paced environment and supportive community.
In return, get a sense of belonging, a long-term career with ongoing development and upskilling, and a company that cares about people’s wellness as much as you do.
Because at Norgine, we transform lives with innovative healthcare solutions.
We have an exciting opportunity for a highly skilled, experienced and motivated senior IT Security Analyst to join Norgine.
This is a senior position and will report to the Director of IT Governance, directing and supporting Level 1/Level 2 SOC analysts within the wider security team.
The successful candidate will have demonstrable previous experience in Level 1/Level 2 SOC analyst roles and is expected to operate at a tactical level, leading and supporting the wider security team: looking at the depth and breadth of the security tooling, adjusting the alert thresholds and triaging the indicators of compromise. They will also have experience of auditing systems security (red team). This knowledge will be tested.
Further to this, they must be confident in communicating, training and presenting technical concepts to key stakeholders in the wider business, and have a comprehensive understanding of Governance and Compliance frameworks, with the ability to directly contribute to, create and refine security policies, processes and controls.
In this role, you will be responsible for safeguarding our company's information systems by identifying and mitigating security threats.
If you want a multi-dimensional 3D career in a leading healthcare organisation, join us.
Requirements
* Advanced incident response and threat hunting, leading investigations into sophisticated threats and proactively searching for hidden indicators of compromise.
* Collate, share and present security performance (KPI/Metrics) and concepts to the wider business to ensure transparent communication and alignment with agreed security goals.
* Conduct thorough technical security reviews of both new and existing services, documenting findings, and implementing necessary measures to ensure they meet the requirements as set out by the security team at Norgine.
* Leading incident management solutions with internal stakeholders and external partners, working with the wider team on the response and recovery of data and assets in the event of a cyber breach.
* Assist in the management of the security requirements of the supply chain through the technical analysis of systems and applications within Norgine.
* Oversee the effectiveness and deployment of cyber security tools and technologies on a regular basis to ensure optimal performance and responsiveness.
* Understand and advise on the current and emerging Cyber Security legal/compliance measures which Norgine need to adhere to, relevant to where the business operates. Identify opportunities for improvement to be aligned with emerging legislation.
* Collaborate with the Security team to engage and lead projects with external partners and internal stakeholders to conduct penetration tests, interpret results, and develop response plans to address identified vulnerabilities.
* Oversee the analysis of legacy operating systems and services, identify potential security risks, and work with relevant stakeholders to implement security hardening or network isolation solutions where necessary.
* Participate in internal and external security audits to ensure compliance with the required security and associated data protection standards.
* Monitor and assess the patch status of IT assets to ensure compliance and minimize vulnerabilities.
* Policy development and oversight. Directly contributing to creating or refining security policies, standards or procedures. Review and test the applicability of the security policies, processes, and controls to ensure their effectiveness within the business and alignment with best practices.
* Act as a subject matter expert, providing guidance and support to internal project delivery pipeline, BAU initiatives, and changes to ensure compliance with security policies and architectural principles.
* Maintain the Cyber Technology roadmap, working with the Technology team to research and propose innovative solutions to security challenges that may reduce Norgine’s risk and threat profile.
* Provide direction and input into the security incident response process, including supporting the development of new incident monitoring use cases, reviewing alerts generated by monitoring tools, and leading the coordination of security incidents.
* Provide assurance monitoring on standard, serviced and privileged access management, to ensure that the partners involved are efficient and effective in the delivery of this function.
You will:
* Hold security certification (e.g. OSCP, OSCE, CISSP, CySA+, Security+, Pentest+).
* Have expert knowledge and comprehensive understanding of cybersecurity, governance & compliance frameworks principles and have demonstrable experience operationalising these and integrating into business processes.
* Be a team player, working closely with a team of security professionals, IT colleagues and the wider business to implement security measures and ensure compliance with industry standards.
* Have exceptional organisational skills and the ability to prioritise and manage tasks in a fast-paced environment, being an effective communicator excelling in remote environments while staying organised and adaptable to evolving threats.
* Have strong experience of working in a highly regulated environment, e.g. pharma, financial.
* Have strong, demonstrable experience in IT Security as a SOC analyst, at a minimum of Level 2.
* Have strong knowledge of security protocols, tools, and techniques, including but not limited to:
  * Azure Cloud Security experience with Defender for Cloud, Conditional Access, Sentinel, IAM, PIM.
  * Experience in CrowdStrike EDR and Identity Protection.
  * Experience using advanced CrowdStrike LogScale Queries (FQL) and advanced Kusto queries (KQL).
  * Experience with Incident Response, Forensics and required tools.
  * Demonstrable experience with Penetration testing, planning and scoping, execution, and reporting. Familiarity with red/blue team exercises. Red Team knowledge will be tested.
  * Hands-on experience with proactive Threat Hunting across various environments.
  * Deep understanding of firewalls, IPS/IDS, VPN, and network segmentation.
  * Experience with Data Loss Prevention (DLP) and Microsoft Purview.
  * Experience with ZTNA solutions.
Our benefits may vary per location. Please liaise with the Norgine TA representative to obtain more information.
Sound good? Find out more about the career you’ll have with Norgine, then apply here.