Consultant - Tier 3 Security Operations

Eli Lilly  •  Indianapolis, IN

5 - 7 years experience  •  Biotech/Pharma

Salary depends on experience
Posted on 08/08/17
Indianapolis, IN
5 - 7 years experience
Salary depends on experience
Posted on 08/08/17

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 39,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world. Responsibilities The Information Security (IS) organization directs and demonstrates Lilly’s commitment to protect the confidentiality, integrity and availability of information that enables Lilly’s organizational mission to make medicines that help people live longer, healthier, more active lives. Key to that mission is the implementation and management of the Detect and Respond program that protects Lilly’s core business functions against impacts resulting from cyber-attacks through threat identification, detection, and response activities.

This role is part of the Investigations and Response team that is a dedicated point of contact and a center of excellence for these functions.

The Information Security Incident Response Consultant (ISIC) is responsible for response to identified unmitigated security incidents. This role is a critical component to the program and individuals in this role must have a strong working knowledge of the Detect and Respond use cases and response plans.

The person in this role must be able to facilitate an engaged discussion across a number of key leaders from multiple business functions within Lilly, including key areas of IT including IT infrastructure. The role requires an on-call rotation for after-hours response for high severity security incidents.

This position is located at the Lilly Corporate Center and will report to the Manager of the Investigation and Response team.

Key responsibilities include:

  • Responds to information security incidents according to use case response plans
  • Provides guidance to first responders for handling information security incidents
  • Coordinates efforts among multiple business units during response efforts
  • Provides timely and relevant updates to appropriate stakeholders and decision makers
  • Provides findings to relevant business units to help improve information security posture
  • Creates, verifies and maintains incident response plans and processes to address potential threats
  • Compiles and analyzes data for management reporting and metrics
  • Monitors information security related information streams to stay up to date on current attacks and trends
  • Collaborates with threat intelligence analysts to put in place new mitigations, use cases and response plans
  • Develops collaborative information and knowledge sharingnetworks and builds alliances with colleagues and counterparts internally and externally to the organization around information security incident response
  • Recommends and proposes methods, technologies, or processes that could improve the effectiveness of information security incident response functions including counter measures or mitigating controls


  • Bachelor's degree in Computer Science, Information Technology or related field
  • 5 years of experience in information security, especially in an incident response role
  • Obtain a CISSP® - Certified Information Systems Security Professional certification if not yet held or maintain this certification if already attained
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge
  • Strong decision-making capabilities, with a proven ability to weigh the relative risks and benefits of potential actions and identify the most appropriate one
  • An ability to effectively influence others to modify their opinions, plans, or behaviors
  • An ability to work extremely well under pressure while maintaining a professional image and approach
  • An ability to perform independent analysis of complex problems and distill relevant findings and root causes
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders
  • An ability to think analytically and pay attention to detail
  • An ability to problem solve and use critical thinking capabilities in complex environments
  • Knowledge of information security incident response

Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position.Additional Skills/Preferences

  • Past military or law enforcementexperience
  • GIAC Certified Intrusion Analyst certification
  • GIAC Certified Ethical Hacker certification
  • CISSP-Certified Information Systems Security Professional certification
  • Advanced knowledge of cyber defense techniques to defend against advanced attackers

Additional Information Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.


Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.