Career Category

Job Description

HOW MIGHT YOU DEFY IMAGINATION?
THE AMGEN CAPABILITY CENTER IN LISBON, PORTUGAL (ACCP) will be home to over 300 multi-national and multi-cultural employees, representing a broad range of cross functional capabilities, including Commercial, General and Administrative, Research and Development and more. The ACCP will offer rich career growth and development opportunities, regional and global exposure and the opportunity to LIVE, WIN and THRIVE in one of Europe’s most attractive cities.

If you feel like you’re part of something bigger, it’s because you are. At Amgen our shared mission—to serve patients—drives all that we do. It is key to our becoming one of the world’s leading biotechnology companies. We are global collaborators who achieve together—researching, manufacturing and delivering ever-better products that read over 10 million patients worldwide. It’s time for a career you can be proud of. Join us.

Specialist IS Security Engineer – Control Assurance

LIVE
WHAT YOU WILL DO

This Specialist - Information Security Engineer role is a vital part of GIP’s Governance, Risk and Compliance team. In this technical position you are responsible to stand up information security control assurance capabilities and automate them. To be successful, you will require strong collaboration with the Information Systems (IS) Leadership Team, service owners, engineers, and other Amgen internal partners such as Finance, Compliance, Corporate Audit and Law to develop, maintain, and enhance Amgen’s Information Assurance capabilities. You will bring forth out of the box thinking, an agile mindset and innate understanding of IT risks and controls to empower IT process and product owners to build and maintain IT solutions with compliance, by design. You will become an advisor and an authority on information security and GRC throughout the organization.

You will perform the following activities and any additional tasks required to monitor, evaluate and continuously improves Amgen's information security posture, to effectively reduce risks and satisfy the security objectives of the organization.

• Design, develop and manage information security assurance capabilities to include all forms of technologies, platforms, applications and systems.
• Contribute to the strategic development of the Information Protection Governance Framework by supporting the development and maintenance of information security policies, standards, and guidelines in alignment with applicable laws, and common security frameworks.
• Perform design and operating effectiveness testing of controls for complex IT systems.
• Understand and map IT / business processes, evaluate automated controls’ design and functionality in various IT security processes.
• Assess the risks of the IT audit findings, identify mitigating controls and incorporate in IT process framework continual improvement.
• Map regulatory requirements across functions to identify compliance and audit response efficiencies while liaising with internal auditors and IT service owners to ensure information assurance processes are mature, and outcomes are effective by appropriately addressing and escalating relevant risks to policy and regulatory compliance.
• Communicate directly with cross-functional team members to confirm requirements, brainstorm solutions, and clarify business objectives.
• Bring in technical expertise and interest in the dynamic landscape of changing technology environments, implementation methodologies and make decisions on frameworks used to support responsible functions (e.g., AI, machine learning, Dev Ops, etc.).
• Align responsible functions with greater Information Systems strategy.
• Lead and coach staff to provide clear documentation for delivered solutions and processes, integrating documentation with the appropriate corporate partners.
• Identify prioritized business requirements for information governance and assurance centric solutions.
• Ensure quality of work and timeliness across different functional deliverables; take ownership of issues and coordinate through to completion.

WIN
WHAT WE EXPECT OF YOU

• Bachelor’s degree in computer information systems, computer science, or equivalent experience.
• 7+ years of relevant experience across IT compliance, IT audit, IT risk management, information security consultancy and IT governance and assurance.
• 3+ years of experience within a regulated industry.
• Strong knowledge of and experience in information security requirements, standards and practices (e.g. NIST CSF & 800-53, ISO2700x, COBIT).
• Deep understanding of information security and keeping up to date with the latest and emerging cyber-security threats.
• The ability to easily translate technical language into business terms.
• Understanding of security controls for cloud technologies/environments.
• Demonstrated ability to understand the concepts of cloud and other emerging technologies, lean methodologies to propose appropriate controls and compliance guidance.
• Experience authoring IT and security policies, procedures and methodologies.
• Effective communication with senior leadership and medium to large audience discussions and presentations.
• Experience working in Agile and/or DevOps teams.
• Working experience with Governance, Risk and Compliance (GRC) tools
• Must have strong organizational and interpersonal skills.
• Working in large / global corporate environments.
• Outstanding teaming skills encompassing cross-functional teams, peer relationships, informing, understanding and appreciating differences.
• Ability to effectively facilitate and drive organizational change.
• One or more industry-standard security certifications, including but not limited to: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), SANS Global Information Assurance Certifications (GIAC).

THRIVE
WHAT YOU CAN EXPECT OF US

As we work to develop treatments that take care of others, so we work to care for our teammates’ professional and personal growth and well-being.

• Vast opportunities to learn, develop, and move up and across our global organization.
• Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act.
• Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits.
• Flexible work arrangements.

APPLY NOW
FOR A CAREER THAT DEFIES IMAGINATION
In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us.
CAREERS.AMGEN.COM

EQUAL OPPORTUNITY STATEMENT
Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.