SOC Analyst III

About the Department 

The Finance & Operations department brings insights and intelligence to inform decision making & drives digitalization and business solutions to attain NNI goals. Finance & Operations works closely across the organization to guide enterprise-wide resource allocations, investment choices, drive core operations and develop insights to drive growth and operational excellence across the value chain while innovating for future capabilities. Our focus on innovation ensures we're constantly building future capabilities. We're responsible for regulating accounting, upholding workplace safety, managing our supply chain and sampling, supporting technological and data innovation, maintaining our facilities and assuring the integrity and completeness of all business transactions. At Novo Nordisk, you will have the opportunity to build a life-changing career in a global business environment. We encourage our employees to make the most of their talent, and we reward hard work and dedication with opportunities for continuous learning and personal development. Are you ready to maximize your potential with us?

The Position:

This highly technical position directly participates in Global Security Operations activities including prevention, detection, and response to IT security incidents worldwide. The IT Security Operations Specialist will support a wide range of IT security activities including monitoring of alerts, investigation of alerts, incident response, vulnerability response, threat intelligence, and digital forensics. Individuals in this position will also have additional duties assisting with the implementation of IT security strategy and serving as a security advisor to ensure IT systems are implemented and maintained to the highest security standards. Individuals in this position will demonstrate expertise of current enterprise technologies and will also be responsible for performing technical risk and vulnerability assessments at the network, system, and application level.  Some responsibilities developing and implementing security controls and formulating operational risk mitigations.

Relationships:

Reports directly to the manager of Global Security Operations - Americas. Will work closely with IT operations staff, application development teams, system managers, and line of business representatives. This role will interface routinely with key stakeholders including senior security operations personnel, Global Security Operations management team, line of business personnel as well as third party technology service providers.

Essential Functions:

·       Demonstrates high knowledge in multiple domains of IT Security and subject matter expertise in at least one domain such as incident response, vulnerability assessment, or threat intelligence

·       Works under only general direction. Independently determines and develops approach to solutions. Provides technical solutions to a wide range of difficult problems.

·       Handles complex tasks such as security event analysis, vulnerability assessment, and reporting with no defined procedures in place.

·       Often sets directions and delivers results in own role which have a significant impact to the Global Security Operations organization or its stakeholders in areas such as incident response, vulnerability management, and threat intelligence through application of expertise and established process in these functions

·       Provides guidance and training to less experienced professional or support staff.  Demonstrates leadership capabilities.  Assists in leading a project in the development and implementation of processes and programs

·       Leverages knowledge of topics such as networking, operating systems, application architecture, cloud, log management, SIEM, SOAR, case management, and investigative techniques

·       Serves as area specialist within one or several functions across Global Security Operations. Within these functions the individual recognizes and responds to stakeholder needs and ensures commitments are delivered upon

·       Engages in frequent internal and cross-organizational contact.  Works closely with external vendors. Represents organization in providing solutions to difficult technical issues associated with specific projects

·       Operates common tools and systems for vulnerability assessment, penetration testing, network intrusion detection, intrusion prevention, network analysis, log management, SIEM, and SOAR.  Applies subject matter knowledge to solve common needs such as verifying vulnerabilities, confirming security incidents, developing reports, and resolving system errors

·       Proactively works to sustain operations through activities such as procurement and renewals for software and hardware support. Plan for systems licensing, lifecycle management, and capacity. Gathers quotes and request purchasing of software, services, and hardware as needed for projects. Participate in the IT Security planning and budgeting process

·       Demonstrates ability to identify better practice and create improvements in methods, techniques, approaches, etc.

·       Participates in evaluation of new security tools, techniques, and technologies

·       Applies knowledge of common enterprise IT architectures, platforms, and services such as client/server, SaaS, PaaS, and IaaS

·       Applies knowledge of information security of common threats, vulnerabilities, and exposures applicable to IT systems

Physical Requirements:

5% overnight travel required.

Qualifications:

·       A Bachelor’s degree in Computer Science, Information Systems, or Information Security is required; relevant experience may be substituted for degree when appropriate. Advanced degree preferred

·       A minimum of 6 years of progressively responsible relevant experience

·       Ability to lead a project in the development and implementation of processes and technology

·       Ability to develop and maintain relationships within the global organization

·       Strong attentional to detail is required

·       Experience with incident response and digital forensics required

·       Vendor neutral technical certifications (CISSP, CISM, GCIH) preferred

·       Vendor sponsored and professional certifications (Microsoft, AWS, etc.) ) desirable

The base compensation range for this position is $96,670 to $178.840 Base compensation is determined based on a number of factors. This position is also eligible for a company bonus based on individual and company performance. 

Novo Nordisk offers long-term incentive compensation and or company vehicles depending on the position's level or other company factors.

Employees are also eligible to participate in Company employee benefit programs including medical, dental and vision coverage; life insurance; disability insurance; 401(k) savings plan; flexible spending accounts; employee assistance program; tuition reimbursement program; and voluntary benefits such as group legal, critical illness, identity theft protection, pet insurance and auto/home insurance. The Company also offers time off pursuant to its sick time policy, flex-able vacation policy, and parental leave policy.

We commit to an inclusive recruitment process and equality of opportunity for all our job applicants.

At Novo Nordisk we recognize that it is no longer good enough to aspire to be the best company in the world. We need to aspire to be the best company for the world and we know that this is only possible with talented employees with diverse perspectives, backgrounds and cultures. We are therefore committed to creating an inclusive culture that celebrates the diversity of our employees, the patients we serve and communities we operate in. Together, we’re life changing.

Novo Nordisk is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, protected veteran status or any other characteristic protected by local, state or federal laws, rules or regulations.

If you are interested in applying to Novo Nordisk and need special assistance or an accommodation to apply, please call us at 1-855-411-5290. This contact is for accommodation requests only and cannot be used to inquire about the status of applications.