Associate Director

Associate Director - Cloud Security Architect page is loaded

Associate Director - Cloud Security Architect

Apply locations Ireland, Cork time type Full time posted on Posted Yesterday job requisition id R-63800

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Eli Lilly Cork is made up of a talented diverse team of over 1,600 employees across 38 nationalities who deliver innovative solutions that add value across a variety of Business Service functions including Finance, Information Technology, Medical, Clinical Trials and more.

Eli Lilly Cork offers a premium workspace across our campus in Little Island, complete with flexible hybrid working options, healthcare, pension and life assurance benefits, subsidised canteen, onsite gym, travel subsidies and on-site parking. Inhouse People Development services, Educational Assistance, and our ‘Live Your BEST Life’ wellbeing initiatives are just some of the holistic benefits that enhance the career experience for our colleagues.

Eli Lilly Cork is committed to diversity, equity and inclusion (DEI). We cater for all dimensions ensuring inclusion of all ethnicities, nationalities, cultural backgrounds, generations, sexuality, visible and invisible disabilities and gender, with four pillars: EnAble, Age & Culture, LGBTQ+ and GIN-Gender Inclusion Network. EnAble, our pillar for people with disabilities and those that care for them, partners with the Access Lilly initiative to make our physical and digital environment accessible and inclusive for all. Together they are committed to promoting awareness to create a disability confident culture both at Eli Lilly Cork and beyond.

Come join our team - Be Creative, Be an Innovator, and most of all, Be Yourself.

Cloud Security Architect

Main Attributes:

• Job description: The successful candidate will lead security architecture reviews focusing on cloud security and serve as a line supervisor onsite in Cork, Ireland for team members across several cyber functions.

• Qualifications : Deep technical expertise with a strong focus on cloud security , e xceptional analytical and critical thinking skills , p roven ability in influencing security strategy and vision , s trong communication skills, capable of engaging with both technical and non-technical audiences , d emonstrated experience in developing security architecture and guidelines.

• Key responsibilities : The candidate will conduct security architecture reviews , drive security improvements through threat modeling and risk assessment, and develop reference architectures, design patterns, and security guidelines .

• Team management and collaboration: The candidate will inspire and motivate team members to achieve their full potential, assess their skills and capabilities, and foster a culture of continuous learning and development. The candidate will also collaborate effectively with various stakeholders across the organization, such as legal, , business areas, auditory, privacy, quality and regulatory authorities.

What You'll Be Doing:

As a Cloud-Focused Security Architect at Lilly on the Security Architecture and Engineering team, you will play a pivotal role in a dynamic environment. Your responsibilities include conducting security reviews , driving security improvements through threat modeling and risk assessment, and developing reference architectures, design patterns, and security guidelines, with a focus on cloud security.

In this technical supervisory role, you'll partner with various business units and IT teams to ensure secure technology deployment, aligning with Information Security and enterprise strategies. You will also mentor security engineers, oversee their projects, and contribute to the development of proactive approaches for the support, deployment, and optimization of security toolsets.

How You'll Succeed:

• Leadership & communication skills: Y ou will actively collaborate with both local and remote team members, playing a pivotal role in defining, designing, and executing security strategies. Excellent communication, leadership, and analytical skills are essential for this role. Ability to work collaboratively and influence other teams and stakeholders is imperative.

• Agility : The ability to quickly adapt to the changing threat landscape, iterate and move at the pace of the adversary is critical to success in this role.

• Technical expertise : As a Security Architect, you will craft and help implement tailored security solutions to effectively mitigate threats and risks, leveraging your deep technical knowledge in the field.

• Problem-solving skills: A dept problem-solving abilities are crucial in quickly identifying and addressing threats and opportunities, ensuring the development and delivery of robust security solutions in a timely manner .

• Knowledge of cloud security trends: This role requires staying abreast of the latest developments in cloud security. Integrating these insights into our practices, you will guide and mentor your team towards achieving excellence in security measures.

• Balancing security and operational needs: You will balance stringent security guidelines with operational requirements, maintaining the desired corporate security posture while demonstrating empathy and understanding towards the engineering teams' challenges and needs.

Key Responsibilities:

• Conduct security consulting engagements across the company, focusing on improvements in threat modeling and risk assessment.

• Develop and maintain technical specifications, design patterns, standards as code, and security guidance, with a particular emphasis on cloud security.

• Perform threat analysis and modeling to enable business and technical partners to deliver secure solutions integrated with the SecOps lifecycle.

• Apply threat modeling and analysis frameworks such as MITRE ATT&CK and STRIDE (or STRIDE-LM) in security practices.

• Utilize security controls (Cloud Security Matrix, NIST CSF, CIS Critical Security Controls, etc.) and architecture frameworks (TOGAF, SABSA, etc.) to develop and document technical architecture references, security guidelines, and standards.

• Work closely with partners, including executive leadership inside and outside of Information Security, to identify opportunities to use technology to solve information security and business problems.

• Maintain and expand technical knowledge across security concepts and technologies, driving knowledge growth across security domains.

• Identify technical solutions and drive implementation to support strategic direction, focusing on value, impact, risk mitigation, security controls, privacy controls, detection, response, and quality.

• Prioritize mitigations in relation to technology upgrades, enhancements, and process improvements within the respective domains of accountability.

• Mentor and supervise security engineers, fostering their professional growth and overseeing their threat modeling projects.

What You Should Bring:

• Proficiency in common services used in cloud-based architectures, with expertise in at least one major cloud vendor (AWS, GCP, or Azure).

• Strong understanding of secure application development, threat mitigation tools, and techniques.

• Experience in addressing consumer data regulations and integrating regulatory and industry standards (ISO/IEC, PCI DSS, SOX, HIPAA, FDA, GDPR, CCPA) into cybersecurity designs.

• Knowledge in cybersecurity aspects of M&A integrations and experience with enterprise-level IT applications and infrastructure.

• Broad knowledge across multiple technology areas, coupled with deep experience in specific domains.

• Exceptional critical thinking, analytical reasoning, and thought leadership capabilities.

• Proven ability to define and influence security strategy and vision, while also providing guidance on tactical security initiatives.

• Excellent communication, presentation skills, and ability to adapt messaging for diverse audiences.

• Experience in developing and documenting architecture references, security guidelines, standards, and in applying security controls (Cloud Security Matrix, NIST CSF, CIS Critical Security Controls) .

• Strong experience in threat analysis and modeling, comprehensive understanding of Cybersecurity Engineering/Operations, Incident Response, GRC functions, and demonstrated mentorship skills with a willingness to coach and oversee the work of junior staff.

Your Basic Qualifications:

• Bachelor’s Degree in Cyber Security , Computer Science, Information Technology or related field

Or

• High School Diploma/GED with 4 + years of experience in Cyber Security, Information Technology,or related field.

And

5-10 years demonstrated experience in cloud architecture and security .

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

#WeAreLilly

About Us

At Lilly we strive to ensure our employees are part of a team that cares about them and our shared purpose of making life better for those around the world.How do we do this? We continue to look for ways to include, innovate, accelerate and deliver while maintaining integrity, excellence and respect for people.We hope that you seek to join us on our journey as we create medicine and deliver improved outcomes for patients across the globe!