Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
The IT Infrastructure Security Engineer executes the implementation of IT Security Controls, supports the implementation of appropriate measures in terms of processes and technology. The role works in close collaboration with IT Infrastructure colleagues and IT Security & Compliance. Furthermore the role is directly involved in the implementation of the corporate-wide information security management program, pertaining to IT Infrastructure, in regards to secure design and implementation of systems to ensure that Infrastructure assets are adequately protected. This position contributes to reporting on quantifiable security KPIs and drives vulnerability management pertaining to IT Infrastructure. The position holder designs solutions to improve IT security within the IT Infrastructure environment in a sustainable fashion in accordance with life science regulatory practices, advises respective subject matter experts within Lonza and its’ outsourced services. The role is part of a team of infrastructure security subject matter experts and reports to Head of IT Infrastructure Security Engineering. Additionally, this team will support, as required, the Security Operations Center team in case of potential IT security incidents. The position holder will also pro-actively collaborate and communicate with all relevant stakeholders (e.g. IT Security, system owners, etc.). The ideal candidate is an experienced security architect with extensive hands-on experience in the relevant IT fields (e.g. network, virtualization, AD, SQL, etc.), preferably supporting Operational Technology in the life science or manufacturing industry that is subject to regulatory compliance. A strong solution oriented engineering mindset is expected.
Key responsibilities:
1. Support infrastructure security relevant projects by ensuring implementation of required security controls from the design phase and throughout the lifecycle of the systems. Enforce secure configuration of new and existing assets, design and implement mitigating controls as required
2. Define and fully implement effective vulnerability remediation measures on both procedural and technology layer (e.g. system hardening, patching, lifecycle management)
3. Drive security culture within IT Infrastructure
4. Support IT Security related Infrastructure services and identify potential improvements
5. Co-ensure that regulatory security and data protection requirements are fulfilled on the infrastructure level, e.g. GxP and GDPR
Key requirements:
6. Masters degree in computer science or information security or equivalent work- or education-related experience
7. Minimum of 4 years in Information technology, of which minimum 1 years in Information Security. Track record of participating in security projects and being the security SME for IT projects. An Operation Technology background is desired
8. Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), relevant vendor and industry certifications, is desired
9. Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), EU General Data Protection Regulation (GDPR) and Payment Card Industry/Data Security Standard
10. Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and ones from NIST
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.
Reference: R54936