Career Category

Job Description

HOW MIGHT YOU DEFY IMAGINATION?
THE AMGEN CAPABILITY CENTER IN LISBON, PORTUGAL (ACCP) will be home to over 300 multi-national and multi-cultural employees, representing a broad range of cross functional capabilities, including Commercial, General and Administrative, Research and Development and more. The ACCP will offer rich career growth and development opportunities, regional and global exposure and the opportunity to LIVE, WIN and THRIVE in one of Europe’s most attractive cities.

If you feel like you’re part of something bigger, it’s because you are. At Amgen our shared mission—to serve patients—drives all that we do. It is key to our becoming one of the world’s leading biotechnology companies. We are global collaborators who achieve together—researching, manufacturing and delivering ever-better products that read over 10 million patients worldwide. It’s time for a career you can be proud of. Join us.

Sr. Associate – IS Security Governance & Assurance

LIVE
WHAT YOU WILL DO

The Security Governance and Assurance specialist within Amgen’s Global Information Protection organization plays a critical role in maintaining and advancing the internal security controls environment and contributes to second line of defense information assurance activities for the Amgen IS organization.

The individual will support assigned capabilities within Global Information Protection with the focus on IS governance and assurance activities like maintaining Amgen’s security controls library, managing IS policy exceptions, enabling IS Sarbanes-Oxley (SOX) compliance and advising on improvements of IT controls.

This role will require strong collaboration with the GIP Team, service owners, engineers and other internal stakeholders to maintain and enhance Amgen’s Information Assurance capabilities.

Key responsibilities

You will bring forth out of the box thinking, an agile mindset and proven domain expertise and innate understanding of IS risks and controls to empower IS process and product owners to build and maintain IT solutions with compliance, by design.

You will perform the following activities and any additional tasks required to attest that our systems, applications and infrastructures subjected to different aspects of compliance are able to verify adherence efficiently and effectively.

• Maintain and update the information security controls library
• Lead the IS policy exception management process
• Understand and map the IT business processes, evaluate controls’ design and functionality in various IT security processes
• Assist in operating effectiveness testing of IT controls, including user access management, change management and computer operations for complex IT systems
• Assess the risks of IT audit findings, identify mitigating controls and incorporate in IT process framework continual improvement
• Support the IS SOX controls management and compliance function
• Develop and promote educational mentorship resources that will help facilitate new owners’ understanding of information security, the Sarbanes-Oxley Act and their responsibilities.
• Advise project teams, application owners and other Information Security teams on information security controls
• Participate in projects or initiatives where a security controls specialist is needed, with a focus on addressing risks by ensuring appropriate security controls are implemented
• Working with cross-functional teams as part of the security control assessments
• Collaborate, maintain and build relationships with Amgen and other parties that may impact Information Security services and technologies
• Ensure quality of work and timeliness across different functional deliverables; take ownership of issues and coordinate through to completion
• Providing input and ideas based on industry best practices and actual experience to help evolve the security governance and assurance areas
• Keeping up-to-date with changing technology environments, security assessment and risk management methodologies and standards

WIN
WHAT WE EXPECT OF YOU

Minimum Qualifications

• Bachelor’s degree in computer information systems, computer science, or equivalent experience.
• 4+ years of IT audit, Information Technology / Security control assurance or enterprise IT compliance experience.
• Working knowledge of Information Governance principles and Information Security principles: confidentiality, integrity, and availability.
• Knowledge of international standards for Information Technology and Information Governance.
• Experience working with various technologies, IT frameworks and methodologies.
• Proven ability to understand new technologies and paradigms such as cloud, emerging Big Data technologies, lean methodologies to propose appropriate controls and compliance mentorship.
• Strong written and verbal communication, including the ability to explain technical matters to a non-technical audience.
• Ability to demonstrate solid sense of ownership, detail orientation, keen focus on quality and setting clear expectations.
• Possess strong organizational and collaboration skills.
• Working in large / global corporate environments involving multiple businesses.
• Fluency in English language is required.

Preferred Qualifications

• 3+ years of experience within health, biotechnology/pharma or other regulated industries.
• Working experience in IT SOX compliance.
• Experience working in Agile and/or DevOps teams (SCRUM).
• Working experience with Governance, Risk and Compliance (GRC) tools.
• Exceptional teamwork encompassing cross-functional teams, peer relationships, informing, understanding and appreciating differences
• Strong ability to convey and influence complex information compliance, risk and security issues in a manner that is easily understood and actionable.
• Ability to effectively facilitate and inspire change within the organization.
• Developing / delivering presentations to large audiences and at all levels within the organization
• One or more industry recognized certifications, including but not limited to: Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM); Certified Information Systems Security Professional (CISSP); SANS Global Information Assurance Certifications (GIAC)

THRIVE
WHAT YOU CAN EXPECT OF US

As we work to develop treatments that take care of others, so we work to care for our teammates’ professional and personal growth and well-being.

• Vast opportunities to learn, develop, and move up and across our global organization.
• Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act.
• Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits.
• Flexible work arrangements.

APPLY NOW
FOR A CAREER THAT DEFIES IMAGINATION
In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us.
CAREERS.AMGEN.COM

EQUAL OPPORTUNITY STATEMENT
Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.