Engineer - Secops - Identity PAM & Encryption Services

Security Ops Engineer PAM/Encryption

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We're looking for people who are determined to make life better for people around the world.

The team of over 2000 employees, across 60 nationalities, speaking over 30 languages at the Global Business Solutions (GBS) Centre in Cork work across the lifecycle of our medicines, centralizing and transforming key capabilities including: Clinical Development, Regulatory, Medical & Scientific capabilities, Patient Safety, Finance & Procurement, Supply Chain, Global HR, Legal, Ethics & Compliance, Commercial and Technology.

The success of Lilly GBS is underpinned by the company's core values – Excellence, Integrity and Respect for People.

Are you eager to make a significant impact in the cybersecurity field? We are seeking Security Ops Engineer PAM/Encryption roles to infuse our team with innovative ideas and daring solutions. In this position, you will play a crucial role in delivering how our organization ensures secure, appropriate, and timely access to enterprise resources, while also supporting the capabilities that help us achieve and sustain our Identity and Access Management strategy.

This role includes participation in a structured on-call rotation covering the weekends and country holidays, to support our 'follow the sun' model across Kuala Lumpur, Cork, and the U.S. IAM teams. On call coverage is required from Friday 7pm – Sunday 7pm local time with responsibilities focused on resolving priority IAM requests. The on-call responsibilities are designed to support critical operations and ensure timely resolution of issues outside standard working hours supporting 24/7 operational resilience. Team members will work two weekend shifts (Saturday & Sunday), every 4–6 weeks on a rotating schedule for time on call and receive a fixed on-call allowance per day paid monthly in arrears. In addition to the on-call allowance, additional premiums for hours worked during the on-call period will apply at an hourly rate for each hour worked, paid monthly in arrears.

Why this role matters:

Ready to put your mark on the world of cybersecurity? We're looking for a Security Ops Engineer PAM & Encryption to bring a growth mindset, customer focused approach, and fresh perspectives to our team. In this role, you'll be instrumental in shaping how our organization provides secure, appropriate, and timely access to enterprise resources.

The SecOps Engineer for Identity and Access Management (IAM) is a technical role responsible for supporting the company's 24/7 identity privileged access management and encryption platforms and services. This role plays a critical part in ensuring the secure and efficient support of identity and access services within our organization. The responsibilities will encompass day-to-day operations, incident management, change management, and problem resolution related to IAM. This role will also collaborate with cross-functional teams to maintain compliance, address risks, and enhance our IAM program. This includes working closely with the Operation Manager, the Service Leads and Technical leads to ensure alignment of priorities and driving operational excellence.

How you'll make an impact:

Operational Excellence:

• Execute processes for incident management, change management, problem resolution, and continuous improvement that enable Identity services.
• Continuously monitor IAM privileged access management and encryption systems performance and health to ensure optimal operation. Perform regular maintenance tasks to prevent issues.
• Respond promptly to system alerts and incidents, troubleshoot issues, and implement solutions to restore services as quickly as possible.
• Manage and maintain all components of IAM privileged access management and encryption systems. Ensure that all systems are up-to-date with the latest patches and security updates.
• Analyze system performance metrics and make recommendations for improvements. Implement changes to enhance system efficiency and reduce downtime.
• Maintain detailed documentation of system configurations, procedures, and incident reports. Provide regular status updates and reports to management.
• Work closely with other IT teams, developers, and stakeholders to ensure seamless operation of services. Communicate effectively to resolve issues and implement changes.
• Assess current system capacity and plan for future growth. Ensure that resources are allocated efficiently to meet demand.

Provide technical support to users as it pertains to issues and requests on Identity services.

Support response to audit and compliance requests pertaining to Identity services.

Develop and implement solutions to resolve identified problems. Ensure that solutions are tested and validated before deployment.

Perform detailed root cause analysis and document findings. Develop and implement corrective actions to prevent recurrence.

Proactively identify opportunities for process improvements and implement best practices to enhance problem management processes.

Is this you?

• Bachelor's degree in Computer Science, Engineering or related technical field.
• 1-3 years of proven experience in supporting, delivering, and securing Identity and Access Management services specifically with CyberArk, Venafi, and Sectigo Certificates.

Additional Preferences:

• Experience with IT service management (ITIL).
• Knowledge of fundamental security principles.
• Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
• Knowledge of electronic signature services (e.g., Adobe Sign).
• Knowledge of key capabilities and principles for privileged access management including Just in Time Access.
• Experience developing solutions with PowerShell, Python, NodeJS, PHP or other development and scripting languages.
• Critical thinking and analytical reasoning skills.
• Good communication and presentation skills, and ability to adapt messaging for diverse audiences.
• Ability to work with a distributed and virtual team.
• Critical thinking, analytical skills, and thought leadership.
• An understanding of common services used in cloud-based architecture, with experience in AWS and/or Azure, and awareness of cloud platform security and controls.
• Relevant certifications such as CISSP, CISM, or similar.

Eli Lilly Cork offers a premium workspace across our campus in Little Island, with flexible hybrid working options and a total compensation & benefits package that includes competitive pay, bonuses, employee share participation scheme, healthcare, pension and life assurance benefits, subsidized canteen, on-site gym, travel subsidies, and on-site parking. Inhouse people development services, educational assistance, and our 'Live Your BEST Life' wellbeing initiatives are just some of the holistic benefits that enhance your career experience at Lilly.

Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form for further assistance. Lilly does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status. #WeAreLilly