Security Architect

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Actual compensation will depend on a candidate’s education, experience, skills, and geographic location.  The anticipated wage for this position is

What You'll Be Doing:

As a Senior Security Architect, you will shape security architecture decisions across key technology domains and lead strategic security initiatives. You will develop and maintain reference architectures, conduct internal workshops on specialized subjects like risk assessment, and create metrics to measure security effectiveness. This role involves significant executive engagement, including preparing and delivering senior executive briefings while driving security innovation across multiple teams.

How You'll Succeed:

• Domain expertise: You will demonstrate deep technical expertise in your security domain while maintaining broad knowledge across security principles and practices.

• Strategic leadership: Success requires the ability to shape security architecture decisions and guide complex initiatives across multiple teams.

• Innovation drive: You will actively promote new and innovative security solutions while developing metrics to measure their effectiveness.

• Executive communication: Strong ability to brief senior executives and translate complex security concepts for various audiences.

• Continuous improvement: You will develop and implement metrics to measure security effectiveness and efficiency across architectural initiatives.

• Mentorship: Lead specialized workshops and mentor teams in advanced security practices and risk assessment.

Key Responsibilities:

• Shape and develop security guidelines across key technology domains

• Lead the development and maintenance of reference architectures

• Conduct advanced threat modeling using frameworks like MITRE ATT&CK

• Develop metrics to measure security effectiveness and efficiency

• Lead internal workshops on specialized security subjects

• Prepare and deliver senior executive briefings

• Drive security innovation across multiple teams

• Perform proactive threat analysis and develop comprehensive mitigation strategies

• Guide complex security initiatives and provide strategic direction

• Mentor and develop security team members

• Developing enterprise-wide security guidelines, leading reference architecture development, conducting advanced threat modeling, and driving security innovation across multiple teams.

What You Should Bring:

• Deep technical expertise in security architecture and domain-specific knowledge

• Experience with security frameworks (MITRE ATT&CK, NIST, ISO 27001, SABSA, TOGAF)

• Strong foundation in threat modeling and risk assessment methodologies

• Proven track record of developing reference architectures and security guidelines

• Experience in briefing senior executives and leading strategic initiatives

• Strong multi-tasking, organizational, and leadership skills

• Proficiency in team collaboration and strategic planning

• Demonstrated ability to promote innovation across multiple teams

• Excellence in security consulting and proactive design guidance

• Commitment to continuous learning and staying current with security trends

• Team management and collaboration: Leading cross-functional teams, mentoring security professionals, conducting specialized workshops, and actively promoting innovative security solutions across the organization.

Your Basic Qualifications:

• Bachelor's Degree in Computer Science, Information Security, or related field OR High School Diploma/GED with 4+ years of experience in Information Security or related field

• At least eight years of experience in security architecture with demonstrated leadership experience

• Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) now or in the future.

Core Technical Competencies:

• Deep domain-specific knowledge in security specialization areas

• Broad understanding of security principles and practices

• Expertise in security architecture design and reference architecture development

• Advanced threat modeling and risk assessment capabilities

• Proficiency in security frameworks and controls

• Strong understanding of emerging security technologies and trends

Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form (https://careers.lilly.com/us/en/workplace-accommodation) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.

Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.

#WeAreLilly