Sr. CyberSecurity Engineer

Incyte Corporation - Wilmington, DE (30+ days ago)3.8


Incyte Corporation is a Wilmington, Delaware-based biopharmaceutical company focused on the discovery, development, and commercialization of proprietary therapeutics, primarily for oncology. Our first commercial product, Jakafi®, is approved in the U.S. for patients with intermediate or high-risk myelofibrosis and for patients with polycythemia vera who have had an inadequate response to or are intolerant of hydroxyurea. We have a diverse and growing portfolio of product candidates, including both small and large molecules.

Our Information Technology group is looking for a Senior Cybersecurity Engineer. The CyberSecurity Engineer will be part of the IT Security group and Information Technology team reporting to the head of IT Security.

Primary emphasis will be placed on engineering, operationalizing and optimizing the variety of security tools that have been or will be acquired by Incyte. In addition, the job will entail working closely with the business, infrastructure and application teams to provide security architecture and design review and guidance on their initiatives to further develop Incyte’s security posture.

Essential Functions of the Job

Configure, implement, document and manage security tools used by Incyte including Network Security, End-Point Security, SIEM, DLP, IRM, Vulnerability assessment, Email Hygiene, security awareness and training, patch management and IAM solutions
Provide system hardening guidelines for hardware, network and systems software and conduct assessments for gaps
Provide guidance on security controls and best Practices for on-premise and cloud-based solutions to IT and business teams
Conduct security review of infrastructure and business application initiatives
Conduct security risk assessment and vulnerability assessments for identified areas and applications and guide stakeholders for remediation of identified risks and vulnerabilities
Research new tools and technologies as requested, evaluate options and provide recommendations
Provide guidance to the Security Operations Center (SOC) team for resolution of alerts and incidents
Perform security investigations and document the findings and recommendations for complex incidents, determining the cause of the security incident, resolution and preserving forensic evidence as needed
Develop the knowledge of other security team members by conducting knowledge-sharing sessions
Contribute in driving the creation and modification of Work Practices and SOPs
identify areas for continuous improvement of security related processes
Possess a good understanding of working in a regulated environment

Job Requirements:
BS in Computer Science or equivalent
5 to 7 years of deep experience with Cybersecurity architecture and engineering
Knowledge of networking protocols and technologies and network security architecture and engineering
Knowledge of cloud and on-premise security principles, techniques and technologies
In-depth knowledge and experience with End-Point Security, SIEM, DLP, IRM, vulnerability assessment and patch management solutions
In-depth understanding of risk and vulnerability mitigation
Knowledge of security standards and guidelines from NIST, CSA and ISO
Hands-on administrative experience with Windows Server, Linux, Oracle DB and SQL/Server technologies
Basic Knowledge of ITIL Methodologies
Basic Knowledge and understanding of programing languages (i.e. Java, .Net)
Analytical and problem solving skills
Ability to prioritize and multi-task to achieve competing goals and target dates
Proficiency in written and spoken English
Willingness to learn and improve

Skills preferred but not required:
Certifications in IT Security e.g., CISSP, CISM, CCSP
Good understanding of Data Privacy and GDPR regulations
Experience with Identity and Access Management and Privileged access management
Experience with Active Directory and Group Policy Management
Experience with Microsoft Azure, Amazon AWS, Oracle Cloud and Google Cloud technologies
Experience working in a global environment with a global team
Experience with Enterprise Security Architecture Framework