Data Security Controls Lead
Company OverviewAt Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 39,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world. #WeAreLilly
Information security risk management and business engagement is an integral component of Lilly’s information security strategy, program and operations. This role will help to drive the establishment and sustain of a mature and strategic, risk-based roadmap, for information security risk management and business engagement programs.
The Data Security Controls Lead functions as a highly skilled security, technology and risk consultant. In this role, you will be responsible for driving various information security risk assessments and program development activities, supporting and providing risk education and risk adversary services and external audit and assessment coordination. You will engage in requirements gathering sessions, solution architecture design, solution construction and the ongoing maintenance of Various GRCs. You will also drive and support efforts to reduce attack surface, and mitigate risk. The position requires technical and operational knowledge of information security, information technology and risk practices.Position Details
- Support the development and/or consolidation, streamlining, and simplification of information security risk management practices
- Drive and support quarterly convergence reporting
- Drive and support the management and integration of the GRC tool and processes
- Drive and support various operational change management activities and efforts
- Support various information security education and awareness activities
- Drive and support data classification, data handling and data lifecycle risk management efforts
- Develop, implement and integrate functional procedures and standards
- Drive and support the risk and control library and maintain a working knowledge of information technology and security risk practices, tools, processes and requirement
- Effectively applies security and risk methodologies as derived from security and risk standards and best practices
- Triage assessment requests for proper prioritization and scoping.
- Serve as assessor for various systems, 3rd parties, and business processes across Lilly
- Bachelors degree
- CRISC, CISSP, CISA, CISM or similar certification or certification
- 5+years of experience in a role conducting or coordinating risk assessments or IT audit work
- 5+ years of experience in leading or working on Information Security, Data Privacy or Compliance/Quality efforts
- 5+ years experience with data management processes
- Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position.
- Bachelor's degree in a discipline related to information systems, information security, or risk Demonstrated skills at building and maintaining business relationships
- Demonstrated ability to think and act strategically
- Must have some familiarity with various privacy and security laws, mandates, and frameworks (HIPAA, GDPR, NIST, MITRE, etc…)
- GRC experience a plus
- Six Sigma experience and certification a plus
- Organization change management education and certification a plus
- Willingness to travel internationally less than 10 percent of your time
- Demonstrated ability to lead medium-scale projects or programs and appropriately escalate issues and barriers.
- Problem solving: able to effectively seeks ways to resolve issues in a streamlined approach while acknowledging inherent complexities.
- Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
To submit resume, visit https://www.lilly.com/careers and apply to Req ID 57659.
Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
Our scientists and researchers are developing the breakthrough medicines of tomorrow. Join us and become a creative innovator and thinker who can improve the lives of millions.
We’d love to meet you to discuss career opportunities. Check our calendar now to see when we’ll be in your area.View All Events
By signing up for job alerts, you’ll be the first to learn about opportunities that could be a great fit for you via periodic email updates.Sign Up
Join Our Talent Community
Share a bit about yourself, such as the career area you are interested in. We will then reach out to you when the perfect position is available!Sign Up