InfoSec L2 Security Engineer - IST Hours

POSITION RESPONSIBILITIES

Percent of Time

Partner with onshore security teams to design, implement, and maintain security tools and capabilities that support the goals of the Information Security organization.

Enhance and optimize the performance, scalability, and reliability of security operations and vulnerability management tools.

Identify opportunities for improvement by analyzing existing security processes, tools, and workflows, and implement innovative solutions to address gaps.

Support the expansion and maturation of security capabilities, ensuring alignment with evolving business needs, regulatory requirements, and industry best practices.

Collaborate across multiple Information Security functions, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness, to drive security initiatives.

Monitor the effectiveness of implemented security solutions and provide recommendations for continuous improvement.

Assist in the integration and deployment of new security tools and technologies into the organization's environment.

Provide technical expertise and guidance to both onshore and offshore teams to ensure solutions are implemented effectively and securely.

Contribute to the development of documentation, playbooks, and standard operating procedures for security tools and processes.

Stay up-to-date with the latest security trends, vulnerabilities, and technologies to proactively address emerging threats.

100%

ORGANIZATIONAL RELATIONSHIPS

Collaborates closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness.

Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools.

Partners with Identity and Access Management teams to implement and maintain secure access controls.

Engages with external vendors and service providers to evaluate and integrate third-party security solutions.

Coordinates with internal stakeholders to align security initiatives with business objectives and compliance requirements.

EDUCATION AND EXPERIENCE

Education

University Degree in Computer Science or Information Systems is required

MS or advanced identity courses or other applicable certifications is desirable, including:

o Certified Information Systems Security Professional (CISSP)

Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred

Experience

A minimum of 6+ years of relevant experience with a strong background in security operations, vulnerability management, and security engineering.

2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.

Experience working with global teams across multiple time zones.

Demonstrated ability to work within diverse technical teams.

TECHNICAL SKILLS REQUIREMENTS

Strong knowledge of security tools and technologies, such as SIEM (e.g., Splunk, NextGen SIEM), vulnerability scanners (e.g., Nessus), and endpoint detection and response (CrowdStrike) solutions.

Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash to streamline security processes.

Experience with cloud security tools and platforms (e.g., AWS, Azure, GCP) and securing cloud-native environments.

Solid understanding of network security concepts, including firewalls, IDS/IPS, VPNs, and zero-trust architectures.

Familiarity with identity and access management (IAM) solutions, such as Azure AD, Secret Server, and Sailpoint.

Knowledge of threat detection, incident response, and vulnerability management processes and tools.

Experience with container security and DevSecOps practices.

Strong understanding of encryption technologies, key management, and secure coding practices.

Ability to analyze and interpret security data to identify trends, vulnerabilities, and potential threats.

Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI DSS).

PHYSICAL POSITION REQUIREMENTS

This role will primarily work IST business hours. However, must have some flexibility to work between 1pm IST to 10pm IST as needed for projects and special circumstances.

Full time