Skip to main content
Search Jobs

Security Operations Center (SOC) - Incident Response

Indianapolis, Indiana

Apply NowApply Later
Req ID R-15428 Title Security Operations Center (SOC) - Incident Response City Indianapolis State / Province Indiana Country United States

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 35,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Position Overview - Description:

The Tier 3 - Incident Response Analyst is responsible for handling Information Security Incident (ISI) escalations and managing ISIs throughout the incident life cycle.

 This role requires the ability to work independently on daily information security operational tasks. This position requires a deep, yet broad technical knowledge of tools and technologies; an eye for critical details while troubleshooting issues; and a fundamental understanding of core IT infrastructure. The ideal candidate should be able to deal with ambiguity and have the technical breadth to find negotiated solutions in complex and high-pressure situations. 

Position Overview - Responsibilities:

  • Lead efforts in responding to ISIs.

  • Report, track, monitor and close out ISI cases and issues.

  • Maintain alignment to all defined Incident Response Service Level Agreements.

  • Coordinate and document lessons learned and track issues to remediation.

  • Interact with internal Business Units and other external entities to address advanced ISIs.

  • Partner with key business partners including Legal, Privacy and Human Resources regarding approach to advanced ISI cases.

  • Serve as the Cybersecurity expert in providing recommendations and guidance to the respective Business Partners, the Incident Response team and Operations Lead Consultant for further review and remediation.

  • Represent the Incident Response team for Proactive Threat Management triage and engagement.

  • Document all actions taken for escalated ISIs.

  • Recommend controls and process improvements based upon external threat indicators, industry trends, and lessons learned.

  • Provide rotational on-call availability for ISIs raised outside of normal business working hours

Basic Requirements:

  • Bachelor’s Degree in Computer Science/Information Technology or related field

  • 4+ years of Information Security related experience.

Additional Skills/Preferences:

  • Information Security Certifications such as: CISSP, CISM, GCIH, GCIA, GCFA, GREM.

  • 2 or more years of computer forensics.

  • Information Security experience focused on cloud environments.

  • Knowledge of specific operational impacts of cybersecurity lapses.

  • Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

  • Knowledge of network traffic analysis methods.

  • Knowledge of packet-level analysis.

  • Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).

  • Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation state sponsored).

  • Skill in preserving evidence integrity according to standard operating procedures and industry standards.

  • Skill in performing damage assessments.

  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability and making recommendations that enable expeditious remediation.

  • Perform cyber defense trend analysis and reporting.

  • Certifications addressing identification of malicious system and user activity, incident response in an enterprise environment, incident response process and framework, timeline artifact analysis, timeline collection, timeline processing, volatile data collection, filesystem structure and analysis, artifact analysis

Additional Information:

  • Travel: 0-10%

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

To submit resume, visit and apply to Req ID R-15428.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

Apply NowApply Later

About Science

Our scientists and researchers are developing the breakthrough medicines of tomorrow. Join us and become a creative innovator and thinker who can improve the lives of millions.

Recruiting Events

We’d love to meet you to discuss career opportunities. Check our calendar now to see when we’ll be in your area.

View All Events

Stay Connected

Job Alerts

By signing up for job alerts, you’ll be the first to learn about opportunities that could be a great fit for you via periodic email updates.

Sign Up

Join Our Talent Community

Share a bit about yourself, such as the career area you are interested in. We will then reach out to you when the perfect position is available!

Sign Up

Sign Up

Areas of InterestSearch for a category, location, or category/location pair, select a term from the suggestions, and click "Add.”