We unite caring with discovery to make life better for people around the world. As a global healthcare leader, we give our best effort to our work and put people first.
About Eli Lilly Cork
Eli Lilly Cork is a diverse team of over 1,600 employees across 38 nationalities delivering innovative solutions in various Business Service functions, including Finance, Information Technology, Medical, Clinical Trials, and more.
Our premium workspace at Little Island features flexible hybrid working options, healthcare, pension and life assurance benefits, subsidised canteen, onsite gym, travel subsidies, and on-site parking. In-house People Development services, Educational Assistance, and wellbeing initiatives enhance the career experience for our colleagues.
Career Benefits
* Diversity, Equity, and Inclusion (DEI) commitment, ensuring inclusion of all ethnicities, nationalities, cultural backgrounds, generations, sexuality, visible and invisible disabilities, and gender.
* Four pillars: EnAble, Age & Culture, LGBTQ+, and GIN-Gender Inclusion Network, promoting awareness and creating a disability confident culture.
Job Description
As an Application Security Engineer on the Security Architecture and Engineering team, you will ensure the security of our software development lifecycle (SDLC). You will integrate application security testing tools into the development and deployment pipeline, enabling secure coding practices, conducting security testing, and coordinating vulnerability remediation efforts.
Key Responsibilities
* Integrate security testing tools into the SDLC, including Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST).
* Partner with DevOps teams to build security testing and verification into the application development and deployment processes.
* Secure containers in on-prem and cloud container hosting services, collaborating with Cloud Service delivery teams.
* Develop and maintain technical specifications, design patterns, standards, and security guidance, focusing on application security.
* Perform threat analysis and modeling to enable business and technical partners to deliver secure solutions integrated with the SecOps lifecycle.
Requirements
* Bachelor's degree in Cyber Security, Computer Science, Information Technology, or related field, or equivalent experience.
* 4+ years of experience in Cyber Security, Information Technology, or related field, or equivalent experience.
* Demonstrated experience in application security, integrating security into the SDLC.
* Proficiency in DevSecOps practices and end-to-end security testing of applications.
* Experience with evaluating, mitigating, and prioritizing application security vulnerabilities using manual testing methods and industry standard commercial or open-source tools.
* Ability to apply frameworks such as OWASP Top 10 and MITRE ATT&CK Framework.
Lilly Values Diversity
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form for further assistance.
Lilly does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability, or any other legally protected status.