The Armis Security Specialist is responsible for maximizing the value of our Armis deployment and strengthening security across our laboratories and related operational technology (OT) and IoT devices. This role focuses on ongoing optimization of Armis-based monitoring, analysis, detection, and response capabilities, and on implementing practical policies and procedures that reduce security risk without disrupting scientific workflows.
The ideal candidate has hands‑on experience with Armis, understands network and endpoint fundamentals, lab instrumentation and scientific workflows, and is comfortable working closely with R&D lab staff, IT, and security teams in a pharma environment.
Key Responsibilities
Serve as day‑to‑day Armis specialist for R&D labs, supporting configuration, tuning, and ongoing operations.
Maintain and refine Armis policies, alerts, device classifications, and risk scores for lab‑specific use cases.
Integrate Armis with existing tools for data enrichment.
Support testing and rollout of new Armis features and use cases in the R&D context.
Continuously refine device classification, risk scoring, and detection logic to reduce false positives and increase actionable insights.
Lab Asset Visibility & Risk Identification
Use Armis to maintain an up‑to‑date inventory of R&D lab devices.
Identify vulnerable, unsupported, or misconfigured devices and network segments, and document findings.
Support development of remediation and risk‑reduction plans with lab IT, instrument owners, and central cybersecurity.
Develop, document, and maintain policies, standards, and procedures for:
Vulnerability and patch management approaches appropriate for lab equipment
Incident detection, triage, and response using Armis
Ensure that procedures align with internal security standards and relevant frameworks (e.g., ISO 27001, NIST, and GxP where applicable).
Monitoring, Analysis & Incident Support
Configure and manage Armis alerts and rules for anomalous behavior, policy violations, and suspected compromises.
Triage and investigate Armis alerts, correlating with other security tools and network logs.
Provide technical input to security incident response activities involving lab or OT devices (containment strategies, impact analysis, and recovery recommendations).
Produce reporting on lab asset inventory, risk posture, vulnerabilities, and incident trends, and present findings to stakeholders.
Work closely with R&D scientists, lab operations, and instrument owners to understand workflows and constraints, ensuring controls are practical and minimally disruptive.
Support awareness and training sessions for lab users and IT support teams on secure use of lab/OT/IoT devices and Armis‑related processes.
Qualifications
Required
Bachelor’s degree in Computer Science, Information Security, Engineering, or related field; or equivalent practical experience.
Hands‑on experience operating Armis or a similar OT/IoT/medical device security platform.
2–4+ years of experience in cybersecurity, network/security operations, or OT/IoT security.
Solid understanding of network fundamentals (TCP/IP, VLANs, routing, switching, firewalls, NAC concepts), and asset discovery, risk scoring, and anomaly detection concepts.
Experience creating or implementing security procedures, runbooks, or SOPs.
Strong communication skills and ability to work with both technical teams and non‑technical R&D stakeholders.
Preferred
Experience in pharmaceutical or biotech R&D environments (discovery, preclinical, translational, or research support labs).
Familiarity with GxP and computerized system validation principles, and how they influence security controls for lab systems.
Exposure to SIEM, vulnerability management, NAC, or CMDB tools.
Relevant certifications (e.g., Security+, GSEC, GICSP, CISSP, or Armis training).
#J-18808-Ljbffr