Costa Rica, San JoseToday, Lonza is a global leader in life sciences operating across three continents. While we work in science, there's no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that's the kind of work we want to be part of.
**Key responsibilities**:
- Support infrastructure-security-relevant projects by ensuring the implementation of required security controls from the design phase and throughout the lifecycle of the systems. Enforce secure configuration of new and existing assets, design and implement mitigating controls as required
- Define and fully implement effective vulnerability remediation measures on both procedural and technology layers (e.g. system hardening, patching, lifecycle management)
- Drive security culture within IT Infrastructure
- Support IT Security related Infrastructure services and identify potential improvements
- Co-ensure that regulatory security and data protection requirements are fulfilled on the infrastructure level, e.g. GxP and GDPR.
**Key requirements**:
- Master's degree in Computer Science, or Information Security or equivalent work
- or education-related experience.
- At least 4 years of experience in Information technology, of which 1 year in Information Security. Track record of participating in security projects and being the security SME for IT projects.
- An Operation Technology background is desired.
- Professional Security Management certification, such as a Certified Information Systems Security Professional (CISSP), relevant vendor and industry certifications, is desired.
- Knowledge and understanding of relevant legal and regulatory requirements, such as the Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), EU General Data Protection Regulation (GDPR), and Payment Card Industry/Data Security Standard.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, and ones from NIST.
- Resume in English will be required.
Every day, Lonza's products and services have a positive impact on millions of people. For us, this is not only a great privilege but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.
Lonza is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a qualified individual with a disability, protected veteran status, or any other characteristic protected by law.
**Reference: R54938**: