IT Security Analyst
Uxbridge, England, United Kingdom
Want a 3D Career? Join Norgine.
At Norgine, our colleagues Dare themselves to be different and try new things, Drive to achieve their goals and beyond, and Develop themselves and their community.
We call it the 3D career at Norgine and it offers you a fully-rounded experience with no limits.
Bring everything about yourself that you’re proud of, whether that’s your passion for making a difference, focus on others’ well-being, or intellectual curiosity to unleash in a fast-paced environment and supportive community.
In return, get a sense of belonging, a long-term career with ongoing development and upskilling, and a company that cares about people’s wellness as much as you do.
Because at Norgine, we transform lives with innovative healthcare solutions.
We have an exciting opportunity for a highly skilled, experienced and motivated IT Security Analyst to join Norgine on a fixed-term basis until the end of December 2025. This is an important position that reports to the Director of IT Governance, supporting key security projects, working with the wider security and IT team, and engaging with the business.
The successful candidate will have demonstrable previous experience in Level 1/Level 2 SOC analyst roles in a corporate or enterprise IT environment, rather than a dedicated SOC.
Further to this, they must have prior experience and understanding of Governance and Compliance frameworks, with the ability to directly contribute to, create and refine security policies, processes and controls, along with inputting into, supporting and providing security guidance to a variety of IT projects and programmes in flight.
They must be confident in communicating, training, inputting into technical design decisions and providing security guidance to stakeholders – in some cases these stakeholders may be in the wider business, so translating technical concepts for business personnel is a must.
If you want a multi-dimensional 3D career in a leading healthcare organisation, join us.
Requirements
- Advanced incident response and threat hunting, leading investigations into sophisticated threats and proactively searching for hidden indicators of compromise.
- Conduct thorough technical security reviews of both new and existing services, documenting findings, and implementing necessary measures to ensure they meet the requirements as set out by the security team at Norgine.
- Assist in the management of the security requirements of the supply chain through the technical analysis of systems and applications within Norgine.
- Oversee the effectiveness and deployment of cyber security tools and technologies on a regular basis to ensure optimal performance and responsiveness.
- Understand and advise on the current and emerging Cyber Security legal/compliance measures which Norgine need to adhere to, relevant to where the business operates. Identify opportunities for improvement to be aligned with emerging legislation.
- Collaborate with the Security team to engage and lead projects with external partners and internal stakeholders to conduct penetration tests, interpret results, and develop response plans to address identified vulnerabilities.
- Oversee the analysis of legacy operating systems and services, identify potential security risks, and work with relevant stakeholders to implement security hardening or network isolation solutions where necessary.
- Participate in internal and external security audits to ensure compliance with the required security and associated data protection standards.
- Monitor and assess the patch status of IT assets to ensure compliance and minimize vulnerabilities.
- Review and test the applicability of the security policies, processes, and controls to ensure their effectiveness within the business and alignment with best practices.
- Act as a subject matter expert, providing guidance and support to internal project delivery pipeline, BAU initiatives, and changes to ensure compliance with security policies and architectural principles.
- Maintain the Cyber Technology roadmap, working with the Technology team to research and propose innovative solutions to security challenges that may reduce Norgine’s risk and threat profile.
- Provide direction and input into the security incident response process, including supporting the development of new incident monitoring use cases, reviewing alerts generated by monitoring tools, and leading the coordination of security incidents.
- Provide assurance monitoring on standard, serviced and privileged access management, to ensure that the partners involved are efficient and effective in the delivery of this function.
You will:
- Have demonstrable previous experience in Level 1/Level 2 SOC analyst roles in a corporate or enterprise IT environment, rather than a dedicated SOC.
- Hold a security certification (e.g. OSCP, OSCE, CISSP, CySA+, Security+, Pentest+).
- Have knowledge and a comprehensive understanding of cybersecurity, governance and compliance framework principles, and demonstrable experience operationalising these and integrating them into business processes.
- Be a team player, working closely with a team of security professionals, IT colleagues and the wider business to implement security measures and ensure compliance with industry standards.
- Have exceptional organisational skills and the ability to prioritise and manage tasks in a fast-paced environment, being an effective communicator excelling in remote environments while staying organised and adaptable to evolving threats.
- Have strong experience of working in a highly regulated environment, e.g. pharma, financial.
- Have strong knowledge of security protocols, tools, and techniques, including but not limited to:
  - Azure Cloud Security experience with Defender for Cloud, Conditional Access, Sentinel, IAM, PIM.
  - Experience in CrowdStrike EDR and Identity Protection.
  - Experience using advanced CrowdStrike LogScale Queries (FQL) and advanced Kusto queries (KQL).
  - Experience with Incident Response, Forensics and required tools.
  - Demonstrable experience with Penetration testing, planning and scoping, execution, and reporting. Familiarity with red/blue team exercises.
  - Hands-on experience with proactive Threat Hunting across various environments.
  - Deep understanding of firewalls, IPS/IDS, VPN, and network segmentation.
  - Experience with Data Loss Prevention (DLP), Microsoft Purview and Varonis.
  - Experience with ZTNA solutions.
Benefits
Our benefits may vary per location. Please liaise with the Norgine TA representative to obtain more information.
Sound good? Find out more about the career you’ll have with Norgine, then apply here.
Tags: Audits Azure Blue team CISSP Cloud Compliance CrowdStrike EDR Firewalls Forensics Governance IAM IDS Incident response IPS Monitoring OSCE OSCP Pentesting Sentinel SOC VPN Vulnerabilities ZTNA
Perks/benefits: Career development Wellness