Specialist IS Business Systems Analyst
Amgen is searching for a Specialist IS Business Systems Analyst, IS Service Continuity Management Specialist, who will report to the Principal IS Security Engineer. You will be a member of a global team that enjoys making a difference to peoples lives. At Amgen, our mission is simple: to serve patients.
As an IS Service Continuity Management (ISSCM) Specialist, you will support Amgens most critical systems and related resilience programs including business continuity and disaster recovery by providing oversight, tracking, and reporting that advance Amgens objectives and increase the resilience of Key Computerized Systems (KCS) and dependent critical processes.
This position will be responsible for delivering special processes and related artifacts in the ISSCM space. The role will work with other system owners, service owners, and business units to help them achieve their resilience objectives. Key responsibilities include:
- Leads and supports Disaster Recovery (DR) projects and business continuity initiatives for KCS within the IS Service Continuity (ISSC) team.
- Partners with multi-functional teams (Business Continuity, Information Security, Infrastructure, Incident Management, etc.) to enhance the KCS DR program.
- Conducts risk assessments with system and business owners to identify KCS based on potential impacts of a service interruption to dependent critical business processes. Runs the SharePoint electronic risk assessment form and supporting documents.
- Facilitates and tracks decision-making to obtain management approval of identified KCS and deviations from DR requirements (DR exercise waivers, KCS removal, etc.). Manages the templates used for Amgens Decision-making process known as DAI as it applies to the ISSCM space.
- Implements and leads mechanisms to track KCS DR milestones and deliverables. Collects and analyzes data, identifies and remediates gaps, runs metrics scores, and generates monthly reports. Works with internal groups (IS, Operations, Business Continuity) to transform and integrate metrics data with multiple reporting tools.
- Handles ISSC SharePoint site, including access, design, and tools to support, track, and report ISSC and KCS DR processes, achievements, and deliverables.
- Follows up with KCS teams and management to complete DR requirements.
- Identifies, supports, and communicates KCS DR awareness campaigns. Assigns and tracks ISSC KCS SOP training. Provides training and awareness on KCS DR roles and responsibilities. Provides guidance on KCS DR requirements to KCS owners and others. Develops presentations and provides consultation to IS and business functions related to KCS identification, decision-making, and requirements.
- Maintains the ISSC Standard Operating Procedure. Develops procedures, reference materials, and templates to support the ISSC team, KCS owners, and management. Reviews KCS DR documentation to drive quality, accuracy, and completeness. Reports on issues and works with KCS teams to remediate.
- Collaborates with internal support partners (Internal Audit, etc.) to document and remediate issues and gaps.
- Identifies, leads, and implements process improvements as needed.
- Management and implementation of technologies and processes relating to assigned Global Information Protection (GIP) capability including issue identification and resolution, integration with other tools, documentation, gap assessment, gap resolution and continuous improvement of the capability.
- Keep up-to-date, make recommendations, and lead or participate in the implementation and continuous improvement of technologies and services in assigned information security domains.
- Work with and provide guidance to ISSC and other GIP teams' activities on security strategies, processes and technologies.
- Define, provide, and improve measurement and analysis on the assigned services including appropriate applications and tools for reporting.
- Develop or participate in the development of business cases and presentations on information security technologies of interest to Amgen.
- Advise project teams, application owners, and other Information Security teams (like Identify) on information security controls.
- Perform security design consulting in support of projects including participation to security architecture reviews as necessary.
- Participate in projects or initiatives where an IS Security Engineer is needed with a focus on ensuring inclusion of information security requirements.
- Provide mentorship and training on areas of expertise to GIP.
- Collaborate, maintain and build relationships with Amgen and other parties (including auditors) that may impact Information Security services and technologies.
- Participate in research and provide recommendations for continuous improvement on information security technologies, processes and services.
- Develops, implements, and sustains operational scripts, data structures, libraries and programming code that optimize security in emergent compute patterns with diverse applications throughout the global environment.
- Analyzes, designs, develops and operates programs, shell scripts, tests, and infrastructure automation capabilities in an advanced security context.
- Collaborates multi-functionally with analysts, engineers, data scientists to deliver continuous improvement in cyber defense/resilience.
- Doctorate degree
- Masters degree and 2 years of Information Systems and/or Computer Science experience
- Bachelors degree and 4 years of Information Systems and/or Computer Science experience
- Associates degree and 10 years of Information Systems and/or Computer Science experience
- High school diploma / GED and 12 years of Information Systems and/or Computer Science experience
- Excellent written and verbal communication skills
- Passionate, collaborative and results oriented
- Good interpersonal and communication skills with the ability to effectively interface across all levels of the organization
- Critical thinking and problem-solving skills
- Strong analytical, organizational, and decision-making skills
- Project Management tools and practices. Agile experience helpful.
- Experienced SharePoint site owner (control access, devise solutions)
- Microsoft Office and Adobe Acrobat
- Detailed knowledge of Windows and/or Linux systems and associated scripting languages
- Entry level security certification (CompTIA Security+, Microsoft MTA Security, ISACA CSX, GISF, SSCP)
- Demonstrated knowledge and experience in one or more Information Security capability like security monitoring, threat intelligence, network protection, data protection, endpoint protection, technical security assessments, security architecture
- Experience in using and running Linux-based operating systems and developing Perl or Python scripts
- Experience in complex enterprise environments and current technology areas like cloud and mobility
- Practical Knowledge of Information Security standards and policies like ISO 27001/27002, NIST, and others
- Excellent verbal and written communication skills
- Shown success in leading multi-functional initiatives without formal authority through the use of strong influencing and negotiating skills
- Effective working with globally distributed teams
- Successful management of multiple priorities
- Self-starter with a high degree of initiative
- Highly motivated and able to work effectively under minimal supervision
- Experience with regulated systems (GxP, SOX) in the pharmaceutical, biotechnology, healthcare industry
- Excellent analytical and troubleshooting skills
- Experience with complex technologies that impact security
- Experience with user documentation as it relates to the delivery of information security services in a regulated environment
- 5+ years as a senior security engineer supporting a multinational organization
- CISSP or equivalent security-related industry certifications
- DevOps experience building and deploying infrastructure with cloud deployment, build and test automation technologies like Ansible, Chef, Puppet, Docker, Jenkins, etc.
- Experience programming in compiled (C, C++) and interpreted languages (Python, Ruby etc.).
- Skilled programmer with sufficient experience in high-level programming languages such as C++, C#, Java, Python, Visual Basic
Preferred Certifications (Any):
We understand that to successfully sustain and grow as a global enterprise and deliver for patients we must ensure a diverse and inclusive work environment.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
Join UsIf you're seeking a career where you can truly make a difference in the lives of others, a career where you can work at the absolute forefront of biotechnology with the top minds in the field, you'll find it at Amgen.Amgen, a biotechnology pioneer, discovers, develops and delivers innovative human therapeutics. Our medicines have helped millions of patients in the fight against cancer, kidney disease, rheumatoid arthritis and other serious illnesses.As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other but compete intensely to win. Together, we live the Amgen values as we continue advancing science to serve patients.Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.