Job
Description
What you will do In this vital role you will work for the Manager of Endpoint Security, in direct support of the global endpoint management group. This position will provide essential services that enable us to better pursue our mission. Amgen is searching for a Specialist Security Engineer covering Email and Data Loss Prevention (DLP) technologies. This role will work for the Manager of Data Security in direct support of the global email management group. This position will provide essential services that enable us to better pursue our mission. Specialist Security Engineers operate, lead, and improve Amgens email security and email DLP solutions. In our Data Security team, they will identify emerging risks related to changes in communications technologies, advise management, and develop technical remediations to address those risks. Specialists lead the development of processes and procedures for multiple solutions which enable business units to identify and remediate data exposures. They run multiple projects simultaneously to implement and improve the data security protections and use advanced analytics to demonstrate success. This engineer will play a key role in educating technologists and business leaders about the security strategies that both protect and enable business processes related to cloud data handling. Lets do this. Lets change the world. In this vital role you will: Designs, operates, maintains, and enhances capabilities for the technical systems that ensure protection of email for all Amgen global operations. Identifies new risk areas for data and plans controls to mitigate those risks. Researches new technologies, processes, and approaches based on industry practices and recommends future plans for data protection. Includes developing and implementing the roadmap for migrating DLP & email controls into the cloud. Authors procedures and guidelines and advises on policies related to email and data protection requirements and remediation or investigation of violations. Develops and conducts training on email protection technologies for operations staff. Educates business leadership about data risk. Consults to other technology groups on email protection strategies and recommends appropriate points of both technical and process integration. Partners with the Manager of Data Security to collaborate closely with legal and human resources leadership on violation remediations. Collaborates with cloud strategy leaders and business unit leadership to ensure that email and data protection are incorporated by design into new business projects. Collaborates with Data Security Engineers to integrate data protection technology into the operations of traditional Data Loss Prevention operations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Doctorate degree OR Masters degree and 4 to 6 years of Information Security or Information Technology experience OR Bachelors degree and 6 to 8 years of Information Security or Information Technology experience OR Diploma and 10 to 12 years of Information Security or Information Technology experience Preferred Qualifications: Familiarity with one or more security frameworks, especially in regulated environments. Holds or is actively seeking one or more security related certifications, preferably with a focus on cloud technologies or data protection. Proficiency specifying requirements for technical systems, as well as designing, implementing, and operating those systems. Expertise in global IT operations, including an understanding of regulatory and cultural differences encountered when dealing with international peers and customers. Demonstrated competence maintaining email systems and applications on Windows, MacOS & iOS based operating systems. Skill with elements of the O365 services, including hosted and on-prem exchange, Azure Information Protection (AIP), Microsoft Information Protection (MIP), Microsoft 365 Security, Microsoft Defender for Office 365, Microsoft Defender for Endpoint, and related security and compliance features. Basic capabilities with programming or scripting languages. Skill with elements of the O365 services, including hosted and on-prem exchange, Azure Information Protection (AIP), Microsoft Information Protection (MIP), Microsoft 365 Security, Microsoft Defender for Office 365, Microsoft Defender for Endpoint, and related security and compliance features. Understanding of mail technologies from a security perspective including the security risks associated with mail and collaboration tools. Experience deploying and configuring related M365 applications such as OneDrive, Teams, Defender and SharePoint Online Good-to-Have Skills Experience crafting the basic cryptographic controls associated with email protection. Working knowledge of programming or scripting languages such as Powershell Experience with project management workstream leadership, preferably using Agile methodology Deep knowledge of the principles of Data Protection, including availability, integrity, and confidentiality of data. Work Hours This position requires you to work from 2:00pm to 10:00pm IST. Professional Certifications: Systems Security Certified Practitioner (SSCP) or Security+ SANS Certifications Soft Skills: Excellent analytical and troubleshooting skills Highly motivated and able to work effectively under minimal supervision Strong written and verbal communication skills in English Successful management of multiple priorities Effective working with global, virtual teams Team-oriented, placing priority on the successful completion of team goals.
