At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.
Within the Cybersecurity organization, the Business Information Security Organization (BISO) supports the adoption of Cybersecurity initiatives within business areas and influences the Cybersecurity organization based on business needs and risks. The Lilly Business Units Cybersecurity Business Analyst is a key resource within that team. They are an advanced professional who applies comprehensive expertise across a function or region. They make impactful decisions, solve major problems, and build key customer relationships within their scope of responsibility, ensuring the ongoing partnership between Cybersecurity and Lilly Business Units across the globe.

TECHNICAL SKILLS:

• Requires Cybersecurity depth and/or breadth.
• Recognized as the internal expert in their area.
• Makes complex technical decisions within general functional, company, and industry guidelines.
• Anticipates, identifies, and solves complex technical problems affecting the functional or business area.
• Exercises expert-level judgment to tackle complex technical or operational challenges.
• Applies deep knowledge of company, industry, and regulations/policies.
• Stays ahead of industry advancements to maintain a competitive edge.
• Viewed as a go-to expert resource for their function or region.
• Develops innovative solutions leveraging deep specialization.
• Stays current on leading practices, regulations, and industry trends.

YOUR BASIC QUALIFICATIONS:

• Bachelor’s degree in computer science, Cybersecurity, or a related field; a graduate degree is preferred.
• 5+ years of experience in IT or cybersecurity strategy, governance, and operations.
• Comprehensive expertise across cybersecurity domains, including prevention, detection, response, recovery, and compliance.
• In-depth knowledge of industry regulations, security frameworks (NIST, ISO, etc.), and global IT risk standards.
• Established expertise in managing cyber programs, complex projects, and cross-functional teams.
• Recognized industry certifications (CISSP, CISM, CRISC) are required.

• Lead business-focused Cybersecurity strategic, operational, and tactical efforts on the Lilly Business Units Cybersecurity roadmap, including data security, working securely, and business enablement programs.
• Facilitate the adoption of business-facing Cybersecurity initiatives within Lilly Business Units through partnership with Cybersecurity teams.
• Align the priorities between cybersecurity and the businesses to ensure security is embedded in all solutions and any security risk is transparently accepted.
• Build relationships with internal and external customers to assess and reduce Cybersecurity risks. Collaborate across the business and IT teams to raise security awareness, provide advisory services, and influence security-conscious behaviors
• Contribute to Cyber metrics and scorecards socialization with business area leadership. Report key security performance metrics to measure and communicate risk exposure to business leadership.
• Monitor and drive compliance and mitigation activities to ensure the business security posture improvements improve alignment with security policies.
• Ensure security is embedded into systems, security documentation, applications, and processes through secure design and architecture principles.
• Stay current on emerging cybersecurity threats, attack vectors, and mitigation techniques to enhance preventative and detective capabilities.