Cybersecurity - Identity Authentication Service Lead

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

What You Will Be Doing:

The Authentication Service Lead will be part of the Lilly Cybersecurity team, responsible for delivering and securing technology that supports the Lilly mission, specifically focused on authentication services and consumer identity. This role is responsible for defining and executing the strategy for the company's authentication capabilities globally including consumer identity. This includes developing technology roadmaps, prioritizing enhancements, driving continuous service improvements, engaging stakeholders, and optimizing the authentication technology stack.   

How You Will Succeed:

Technology Strategy & Roadmap: 

• Develop and maintain an integrated, global authentication roadmap aligned with business objectives, risk posture, and emerging technologies.

• Evaluate and select advanced authentication technologies and vendors to meet evolving business and security requirements.

• Define the long-term strategic vision for authentication services including consumer identity services.

• Build authentication services that are resilient and resistant to evolving threats, leveraging industry best practices and threat intelligence.

• Demonstrate experience in identity-related security incident response and incorporating learnings into authentication roadmaps.

Service Delivery & Optimization: 

• Manage the prioritization, delivery, and continuous improvement of service enhancements based on risk, compliance, and operational criteria.

• Ensure reliability, availability, and operational efficiency of services through defined metrics, SLAs, and architecture optimization.

• Foster an environment focused on innovation, operational excellence, and continuous learning for services.

Stakeholder Engagement and Compliance: 

• Engage with security leadership, architecture, cyber defense, IT, and business stakeholders to understand priorities and ensure alignment.

• Evangelize the Authentication strategy across the enterprise and collaborate with cyber defense operations on threat detection strategies.

• Ensure services enable compliance with regulatory requirements (e.g., PCI-DSS, HIPAA, GDPR) and industry standards.

Compliance & Risk Management: 

• Ensure authentication services enable compliance with regulatory and industry requirements.   

• Define appropriate authentication services controls to mitigate risks identified through security architecture reviews and risk assessments. 

• Provide oversight and guidance during security audits related to authentication services domains. 

Leadership and Team Management:

• Lead, mentor, and develop a high-performing team to achieve outstanding results in all areas of the IAM domain.

• Set performance goals, empower team members, and promote teamwork to maximize productivity and deliver successful technology outcomes.

• Develop and manage the annual budget for Authentication services, including operational and capital expenditures.

• Evaluate, select, and manage IAM vendors through RFPs, product evaluations, and commercial negotiations.

Your Basic Qualifications: 

• Bachelor's degree in computer science, cybersecurity, or a related technical field.

• 10+ years of experience in Identity and Access Management, with deep expertise in areas such as Authentication Services, Identity Governance, Privileged Access Management, and related technologies (e.g., Okta, CyberArk, Microsoft Entra ID).

• 8+ years of experience in technology strategy and roadmap planning in an enterprise environment.

• 5+ years of proven technology leadership experience, with excellent stakeholder management, communication, and leadership skills.

Additional Preferences:

• Strong business acumen with the ability to map technical capabilities to business needs and priorities.

• Knowledge of IT operations, system administration, and identity and access management processes.

• Experience with compliance frameworks such as PCI-DSS, HIPAA, NIST 800-171, and others.

• Relevant certifications such as CISSP, CISM, GCIA, or GCIH preferred.

Additional information:

• Remote option for non-local candidates.

• Local candidates will be on a hybrid work model at the Lilly Corporate Center in Indianapolis.

• Lilly currently anticipates that the base salary for this position could range from between $148,500 to $217,800 and will depend, in part, on the successful candidate’s qualifications for the role, including education and experience. Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).  Of course, the compensation described above is subject to change and could be higher or lower than the range described above.  Further, Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( Lilly_Recruiting_Compliance@lists.lilly.com ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.

#WeAreLilly