Job Description

Career Category Information Systems

Role Description
Amgen discovers, develops and delivers innovative human therapeutics. A biotechnology pioneer since 1980, Amgen was one of the first companies to realize the new science’s promise by bringing safe, effective medicines from lab, to manufacturing plant, to patient. Amgen therapeutics has changed the practice of medicine, helping millions of people around the world in the fight against cancer, kidney disease, rheumatoid arthritis, and other serious illnesses. With a deep and broad pipeline of potential new medicines, Amgen remains committed to advancing science to dramatically improve people’s lives.
The Senior Associate Security Engineer plays a meaningful role in building, deploying and maintaining secure and resilient solutions to support Amgen manufacturing operations. The individual will provide security oversight and support for manufacturing and packaging operations with the focus on network security for manufacturing/packaging, automation, and facility systems. This team member be a part of the site manufacturing IS team and will work jointly with Security, Infrastructure and Operations IS teams to implement information security strategies, standards, tools and processes.
This role is to support Manufacturing and will play an integral role in building a holistic technology strategy while crafting roadmaps for successfully driving its tactical execution that aligns with the company’s overall objectives.
Responsibilities:

• Work with Global Security Operations, Networking, Infrastructure Teams, and Local Operations IS to provide guidance to manufacturing operations on security strategies, processes, responses, and technologies.
• Ensures new systems and changes to existing system adheres to network security design standards.
• Conducts periodic reviews for cyber security compliance.
• Participate in audits covering network security and technologies.
• Maintains site-specific architecture, asset management, and sustainability documentation.
• Collaborates with analysts, engineers, and data scientists to ensure secure and resilient architecture throughout the lifecycle of the manufacturing/automation applications.
• Ensures that the manufacturing, packaging, automation, and facilities systems are patched with the latest updates.
• Supports the Intrusion Detection System, Application Safe-listing technologies, Endpoint Protection and Cyber Incident Response, and systems to support business continuity.
• Responsible for early identification of risks, determining impact and mitigation approach, and escalation of site issues.
• Facilitate general information security consulting services and communicate threats, vulnerabilities, and risks to the site to raise staff awareness.
• Work cross-functionally to identify and remove stakeholder resistance and barriers to progress tighter cohesion of GIP within their region.
• Work as part of the local infrastructure team in supporting the manufacturing operations and site IS business requirements.
• Support hardware and software upgrades of infrastructure components within the site
• Support site-specific Audit activities where needed
• Support Enterprise Cyber Resiliency operations
• Lead incident response for local site IS services when necessary
• Follow and adhere to best practices & Change Management processes
• Lead follow-up on identified vulnerability working with operations to remediate
• Coordinate response to Cybersecurity incidents for the entire site
• Coordinate and be the SME for any new requirements (Information Security Risk Assessment / Third-Party Risk Assessment)
• Lead efforts to promote and encourage Security Awareness program
• Lead periodic user training and education for IS security topics
• Support data integrity assessments for operations
• Coordinate changes in service and elevated account passwords with system owners
• Representation for security related issues in audits
• Support Local IS task where needed

• Master’s degree OR
• Bachelor’s degree in IS and/or Computer science and 2 years of directly related experience OR
• Associate’s degree and/or 6 years of directly related experience OR
• High school diploma / GED and 8 years of directly related experience

• Bachelor’s degree in information systems and/or Computer Science and 3 years’ experience
• Prior experience in one or more information protection capabilities like security monitoring, threat intelligence, network protection, data protection, endpoint protection, technical security assessments, and security architecture.
• Knowledge on perimeter security like Intrusion Detection Systems, Intrusion Prevention Systems, Web filtering, Application Filtering and Firewalling.
• Solid understanding of network engineering is required. Preferred candidates will have obtained certified credentials such as Cisco Certified Network Associate (CCNA) or equivalent.
• Practical knowledge of information security standards and policies like ISO 27001/27002, NIST, and others.
• Experience with end-user support operations
• Ability to manage vendors and service providers
• Ability to master, with minimal support, new IS technologies and processes
• Ability to work with clients/ end users on requirements gathering and setting expectations
• Excellent customer services approach
• Strong team player who is able to collaborate with colleagues on complex tasks in a global environment and can provide leadership through influence to achieve desired results
• Excellent verbal and written communication skills.
• Self-starter with a high degree of initiative and the ability to effectively prioritize multiple efforts.
• Experience with regulated systems in the pharmaceutical, biotechnology, or medical device industry is preferred.
• Experience with Operations Technologies (e.g. manufacturing, packaging, automation, and facilities systems) preferred.
• Experience working in a structured IS environment based on ITIL.
• Vendor management and working with Managed Service providers providing maintenance and support of the business and manufacturing systems/networks.