IS Security Engineer

Amgen is one of the world’s leading biotechnology companies. Amgen is a values-based company, deeply rooted in science and innovation to transform new ideas and discoveries into medicines for patients with serious illnesses.

he Specialist IS Security Engineer plays an integral role in Information Security for Amgen. The primary responsibility is to support various functions within Information Security especially in the areas of Security Analytics and Continuous Information Security Monitoring. The Security Engineer will work with various stakeholders at Amgen in a manner aligned to Amgen’s values to define and implement Information Security Services strategies, standards, tools and processes. This Security Engineer will work with other Amgen teams like Security Operations on architecting, designing, and implementing technologies, processes, and other improvements in security analytics, continuous information security monitoring and related areas. This will also include participation in on-call activities. The Specialist IS Security Engineer will be a part of Amgen’s Information Security team and will be expected to contribute to and help deliver services and projects in other areas of information security. This role is based at Amgen's corporate headquarters in Thousand Oaks, California. The role will be part of the Information Security team responsible for delivering security services across Amgen globally. This position will focus on Protect & Detect services and technologies.

* Management of technologies and processes relating to continuous information security monitoring including issue identification and resolution, documentation, gap assessment, gap resolution and continuous improvement of the service * Keep up-to-date, make recommendations, and lead or participate in the implementation of technologies and services in security analytics and the continuous information security monitoring domain * Work with and provide guidance to Security Operations and other Information Security team activities on security strategies, processes, and technologies. * Define, provide, and improve metrics on the assigned services including the use of appropriate applications and tools for reporting * Develop or participate in the development of business cases and presentations on information security technologies of interest to Amgen * Advise project teams, application owners, and other Information Security teams on information security controls * Perform security design consulting in support of projects * Participate in Security Architecture reviews and meetings * Participate in projects or initiatives where an IS Security Engineer is needed with a focus on ensuring inclusion of information security requirements * Provide mentorship and training on areas of expertise to Information Security and Amgen teams * Collaborate, maintain and build relationships with Amgen and other parties that may impact Protect & Detect services and technologies * Participate in audits covering information security services and technologies * Provide support for forensic investigations, eDiscovery and data preservation on an as-needed basis * Participate in proactive research and provide recommendations for continuous improvement on information security technologies, processes and services. * Participate in on-call and perform appropriate escalation of problems and issues * Specialist IS Security Engineers will also present project status reports to senior management, adhere to policies and practices relative to technical guidelines and change management processes, and may contribute to the development of new policies and practices by suggesting innovative ideas.

* Doctorate degree or * Master’s degree & 3 years of Information Systems experience or * Bachelor’s degree & 5 years of Information Systems experience or * Associate’s degree & 10 years of Information Systems experience or * High school diploma / GED & 12 years of Information Systems experience **Preferred Qualifications:** * Master's degree in Engineering, Information Systems, or Computer Science with 5+ years as a senior security engineer supporting a multinational organization * Strong experience in security analytics and security monitoring specifically on different logging technologies (e.g., syslog), security information and event management solutions (e.g., QRadar), visual analytic tools (e.g., Spotfire or Tableau) * Experience in using and managing Linux-based operating systems and developing Perl or Python scripts * Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others * Excellent verbal and written communication skills * Demonstrated success in leading multi-functional initiatives without formal authority through the use of strong influencing and negotiating skills * Effective working with global, virtual teams * Ability to manage multiple priorities * Team-oriented, placing priority on the successful completion of team goals * Self-starter with a high degree of initiative * Motivated and ability to work effectively under minimal supervision * Experience with regulated systems (GxP, SOX) in the pharmaceutical, biotechnology, healthcare industry * Excellent analytical and troubleshooting skills * Experience with complex technologies that impact security * Experience with technical documentation as it relates to the delivery of information security services in a regulated environment * CISSP or equivalent security-related industry certifications