As a leading global animal health company, Elanco delivers innovative products and services to improve the health of pets and farm animals around the world because we believe making animals' lives better, makes life better. Since 1954, we have provided solutions that support veterinarians, farmers and pet owners to advance our vision of Food and Companionship Enriching Life. Elanco's promise to employees: Together, we foster an inclusive culture where everyone can make a difference, encouraging ownership, growth and well-being.

Position Title: Security Engineer

Reporting to: Platform Security & Workplace Services Director

Description

We are seeking a highly skilled Security Engineer to join our team. As a Security Engineer, you will play a crucial role in ensuring the confidentiality, integrity, and availability of our information systems and data. You will be responsible for implementing and maintaining security controls, conducting risk assessments, and responding to security incidents. The ideal candidate will have a strong foundation in information security fundamentals and possess expertise in securing various technologies and environments.

The Company

Elanco is a global animal health company that develops products and knowledge services to prevent and treat disease in food animals and pets in more than 90 countries. With a 64-year heritage, we rigorously innovate to improve the health of animals and benefit our customers, while fostering an inclusive, cause-driven culture for more than 5, 800 employees. At Elanco, we’re driven by our vision of food and companionship enriching life – all to advance the health of animals, people and the planet. Learn more at www.elanco.com.

The Team

A recent separation from our parent company has given us the unique opportunity to develop a very modern ecosystem. The TechOps team is responsible for all IT Infrastructure and services across the enterprise and looking to take the opportunity to think differently, build for the future and leverage modern technologies, services and processes.

We are recruiting for a number of security engineers into the team and are looking to get a good mix of the skills detailed below. There would be an expectation for specialisms in some of these, but also a high-level understanding of security across the board.

Responsibilities:

Information Security Fundamentals:

• Apply security principles, including CIA (Confidentiality, Integrity, Availability) and the principle of least privilege.
• Implement and adhere to common security frameworks and standards (ISO 27001, NIST, CIS, etc.).

Operating System Security:

• Demonstrate proficiency in securing operating systems (Linux, Windows, macOS), including hardening, patch management, and access controls.
• Possess knowledge of containerization and container security (e.g., Docker, Kubernetes).

Hybrid Cloud Security:

• Showcase expertise in cloud platforms (Azure, GCP, VMWare) and their respective security models.
• Implement Identity and Access Management (IAM) in cloud environments.

Network Security:

• Utilize knowledge of firewalls, intrusion detection/prevention systems (IDS/IPS), virtual private networks (VPNs), and network segmentation.
• Secure network protocols such as TCP/IP, SSL/TLS, and DNSSEC.
• Experience/understanding of working in manufacturing/OT environments.

Security Tools and Technologies:

• Familiarity with security tools such as SIEM, WAF, IDS/IPS, and antivirus solutions.
• Proficiency in using vulnerability scanning tools and penetration testing tools.

Authentication and Authorization:

• Apply knowledge of authentication mechanisms (OAuth, SAML) and multi-factor authentication.
• Experience with role-based access control (RBAC) and privilege escalation prevention.

Incident Response and Forensics:

• Demonstrate the ability to respond to security incidents, conduct forensic investigations, and document findings.
• Familiarity with incident response frameworks and methodologies.

Security Monitoring and Logging:

• Understand log management, correlation, and analysis using tools like Splunk, Log Analytics, Cribl, or similar.
• Experience with setting up and managing security information and event management (SIEM) systems.

Security Compliance and Governance:

• Apply knowledge of regulatory compliance requirements (GDPR, HIPAA, PCI DSS) to ensure adherence.
• Experience in creating and maintaining security policies, procedures, and standards.

Scripting and Programming:

• Demonstrate proficiency in scripting languages like Python, PowerShell, or Bash for automation and security-related tasks.
• Knowledge of web development and application security (OWASP Top 10 vulnerabilities).

Communication and Collaboration:

• Strong verbal and written communication skills for interacting with cross-functional teams, management, and external stakeholders.
• Ability to work collaboratively with IT, development, and operations teams.

Continuous Learning and Adaptability:

• Stay updated with emerging threats, vulnerabilities, and security best practices.
• Willingness to adapt to new technologies and methodologies.

Problem-Solving and Critical Thinking:

• Analyse complex security issues, identify root causes, and develop effective solutions.

Core Skills

• At least 4 years experience as a Security Engineer.
• Strong understanding of security reviews, reports and audits.
• Strong communication skills with multiple examples of being able to convey complex ideas in a manner that resulted in a definitive direction and result.
• Strong personal & work organisational skills.
• Key Technologies:
  • Microsoft Defender Suite
  • Secure Gateway/SASE (e.g. ZScaler Private Access)
  • Sentinel
  • Microsoft Entra Suite

Language

English: Advanced/Fluent

Education Requirements

Bachelor’s Degree or commensurate industry experience

Other Information

Occasional travel may be required.

Elanco is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status