[Netherlands] Senior Cybersecurity Analyst, Global Information Security

Amsterdam, Netherlands

Santen

Santen is a global leader in ophthalmological research and development and the production and marketing of related pharmaceuticals and medical devices. Guided by the Santen motto

View all jobs at Santen

Apply now Apply later

Company Description

As a specialized company dedicated to eye health, Santen aspires to contribute to the realization of “Happiness with Vision” by providing valuable products and services to patients, consumers, and medical professionals around the organization.
Since its establishment in Japan in 1890, and guided by its CORE PRINCIPLE, “Tenki ni sanyo suru,” Santen has been committed to helping people maintain and improve their eye health, and is engaged in the global research and development, manufacturing, and sales and marketing of pharmaceutical products in the field of eye care, supporting the eye health of approximately 50 million people worldwide. Our duty is to create a future in which as many patients and consumers as possible can lead happy and fulfilling lives, we will continue to contribute to the realization of better eye care by providing solutions that eliminate bottlenecks in the diagnosis and treatment of eye diseases, thereby revolutionizing the treatment flow.
Each of us is deeply committed to challenging ourselves, building an organization that brings together diverse internal talents and external expertise, and to doing our utmost to realize a society in which people everywhere can feel happy through vision-related experiences. Isn't it exactly the kind of environment you want to belong in? 

Job Description

Job’s mission

Under the direct supervision and guidance of the Cybersecurity Manager, the job holder is part of the Global Information Security Function (Digital & IT Division), responsible for execution of Global Cyber Defense Strategy, implementation of a sound global information security incident management process to protect Santen from cyberattacks, supporting the risk and vulnerability management processes which is in line with security regulations, standards and best practices, managing the SOC (Security Operations Center) partner, managing cybersecurity projects in order to ensure that information assets are adequately protected and compliant as well as maximize the benefit of information systems for Santen’s global businesses. No direct subordinates as of the recruitment date however there will be several Digital & IT members and external consultants whose activities need to be coordinated by this role within the framework of cybersecurity projects or processes. Key Responsibilities & Accountabilities:

Security Incident Management

  • Lead the investigation, analysis, and resolution of security incidents, ensuring swift and effective response. 
  • Collaborate with the SOC team to monitor and prioritize incidents, implementing containment. With the involvement of cross functional team as necessary, for eradication, and recovery measures. 
  • Improve the incident response plans, playbooks, and standard operating procedures, and making sure the known issues are addressed according to risk management methodology.
  • Conduct post-incident reviews and develop actionable recommendations to prevent recurrence. 
  • Participate in regular operational discussions with SOC team, for incident coordination and to improve the overall process.
  • Manage the monthly operational meetings between SOC team and Santen, improve the overall process and ensure the KPIs are achieved.
  • Track KPIs (including Azure Sentinel Services related ones) to measure the effectiveness of the incident response process. 
  • Compliancy reporting for all endpoint & servers & log sources with relevant security controls & configurations. 
  • Support the Disaster Recovery and Business Continuity related initiatives specific to Information security incident management.

Vulnerability Management

  • Improve the Global Vulnerability Management Program focused on reducing the risk presented by vulnerabilities in Santen environment by continuously performing three core steps; Discovery, Reporting and Remediation.
  • Continuously monitor vulnerability sources and threat intelligence feeds to stay ahead of emerging threats.
  • Guide the technical teams (Global Infra, Regional Infra and Application teams, critical third parties) to make sure vulnerabilities are mitigated in a timely manner.
  • Participate and contribute to regular vulnerability scan and penetration test activities to support the team. 
  • Recommend and coordinate security controls to mitigate identified vulnerabilities. 
  • Monitor external threat landscapes and translate findings into actionable insights for the organization. 
  • Utilize existing tools & services for emerging threats against company assets, and corelate the events with incident management.

Cybersecurity Defense & Management

  • According to the company’s long-term vision, execute the cybersecurity operations by collaborating with cross-functional teams.
  • Anticipate future internal and external trends (based on analysis performed) and implications and create appropriate cybersecurity measures.
  • Build understanding of cyber threats in each level. Develop detection & protection measures continuously, manage the technical and process related improvement discussions to be prepared to defend Santen from disruptive or destructive cyberattacks.

Cybersecurity Projects Initiation and Execution

  • Manage or support projects to implement the required cybersecurity frameworks by developing business cases and conducting opportunity studies when needed.
  • Understand projects and services specificities in a global environment, and plan, organize, and execute activities to achieve specific objectives within the defined constraints of time, cost, and scope.
  • Identify vulnerabilities, develop countermeasures, and implement security controls to protect Santen’s assets during the project lifecycle.

Stakeholder Relationship and Vendor Management

  • Maintain good working relationships with internal stakeholders globally, especially with Digital & IT management.
  • Support his/her Digital & IT peers in charge of infrastructure, service operations and business applications to provide the right information security advice or solutions allowing them to provide the contributions to business domains.
  • Manage the suppliers by defining clear guidelines and objectives, relying on KPIs in coordination with the governance in place. Challenge organization and governance in place to verify the company is obtaining best value and that vendors are meeting our information security needs and requirements.

Qualifications

  • Minimum of 7 years experience in Information Security Systems, including at least 4 years of experience in the fields of Cybersecurity and Incident Management (such as: SIEM, threat intelligence, hunting technologies, offensive security, part of SOC teams and other cyber defense services including SOC, XDR/MDR) and Project Management.
  • Experience with Microsoft Security Suite (Defender Suite & Azure Security) and other equivalent security technology services in cloud environments.
  • Experience with program implementations such as ISO, NIST CSF and other related cybersecurity frameworks.
  • Experience in performing risk, control and vulnerability assessments, and in defining treatment strategies; expert knowledge of current and emerging cybersecurity risks.
  • International experience of working with teams spread across different countries and global stakeholders.
  • Excellent track records of delivering results.
  • Bachelor's degree in Business, Computer Sciences, Engineering, or related field.
  • Relevant Cyber security certifications (CISSP, CISM, CISA, CEH, JAPAN Registered Information Security Specialist, etc.).
  • Fully comfortable working in English, both written and spoken.

Deadline 
Please apply no later than 27th October 2024.
To submit your application, please upload your English version of CV (click on Apply and follow the instructions) as we don’t accept Cvs sent directly.

Additional Information

A career at Santen is an opportunity to make a difference. Through our long-term vision outlined in Santen 2030, we are committed to be a Social Innovator - addressing the social and economic needs of people with visual impairments. We have team members around the world using their diverse talents to unlock new modalities and drive innovations for patient outcomes, education and treatment. At Santen, we believe in empowering all our team members with flexible ways of working and a highly inclusive work environment.

The Santen Group is an Equal Opportunity Employer. We are committed to building diverse teams and ensuring a safe and inclusive physical and virtual workplace for every one of our team members. All employment decisions are based on business needs, role requirements and individual qualifications regardless of race, color, ethnicity, national origin/ancestry, religion, gender, gender identity/ expression, age, disability, medical condition, marital status, veteran status, or any other characteristic protected by law.

Santen SA, the Netherlands Branch has an exclusive arrangement for recruitment services. External recruiting agencies are kindly requested not to contact us regarding the positions listed here. If you require any kind of accommodation during our recruitment process, please let the recruiter from our team know.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  7  0  0
Category: Analyst Jobs

Tags: Azure CEH CISA CISM CISSP Cloud Cyber defense Governance Incident response KPIs NIST Offensive security Risk management Sentinel SIEM SOC Strategy Threat intelligence Vendor management Vulnerabilities Vulnerability management XDR

Perks/benefits: Career development Flex hours Team events

Region: Europe
Country: Netherlands

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.