Information Security Analyst

About Eurofins:

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and the environment safer, healthier and more sustainable. From the food you eat to the medicines you rely on, Eurofins works with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic and labelling is accurate. Eurofins is a global leader in food, environmental, pharmaceutical and cosmetic product testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and in the support of clinical studies.

In over just 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a network of over 1,000 independent companies in 54 countries, operating 900 laboratories. Performing over 450 million tests every year, Eurofins offers a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products, as well as providing innovative clinical diagnostic testing services, as one of the leading global emerging players in specialised clinical diagnostics testing.

Eurofins is one of the fastest growing listed European companies with a listing on the French stock exchange since 1997. In FY 2021, Eurofins achieved a record revenue of over EUR 6.7 billion.

Eurofins IT Solutions India Pvt Ltd (EITSI)

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Young and dynamic, we have a rich culture and we offer fulfilling careers.

Job Overview:

• Provide direct support to the RISO in managing and implementing security plans for legal entities across the region.
• Assist in the creation, follow-up, and management of remediation plans for identified security risks and non-compliance issues.
• Conduct security risk assessments and ensure that security measures are aligned with the Group's standards and adapted to each legal entity's needs.
• Support the RISO in reviewing and approving changes to systems, processes, and applications prior to deployment.
• Perform and prioritize security audits, vulnerability scans, and reviews (including access rights, firewall rules, cloud compliance, etc.).
• Coordinate and support legal entities during internal and third-party security audits, ensuring compliance with all security policies.
• Conduct security training and awareness programs customized for regional entities, ensuring all staff are informed and compliant.
• Maintain accurate inventories of assets, third-party vendors, and local processes for audit and security monitoring purposes.
• Collaborate with regional and Group IT teams to ensure a security by design approach is applied in all regional architectures, applications, and processes.
• Assist in evaluating third-party vendors to ensure they meet security standards.
• Support the development of Disaster Recovery (DR) and Business Continuity (BC) plans.
• Assist the RISO with the development and implementation of policies, procedures, and guidelines that cater to local regulatory requirements and Group standards.
• Core Responsibilities in Incident Response and Vulnerability Management:
• Assist the RISO in incident response activities by investigating security breaches and incidents in collaboration with the Security Operations Center (SOC).
• Analyze vulnerability reports and assist in remediation efforts, ensuring timely patching and risk mitigation.
• Support the review and approval of firewall rules, configurations, and exceptions to maintain network security.
• Collaborate with the RISO in monitoring for emerging threats and recommending security improvements based on current trends.