Cyber Intelligence Analyst

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.Eli Lilly Cork is made up of a talented diverse team of over 2000 employees across 60 nationalities who deliver innovative solutions that add value across a variety of Business Service functions including Finance, Information Technology, Medical, Clinical Trials and more. Eli Lilly Cork offers a premium workspace across our campus in Little Island, complete with flexible hybrid working options, healthcare, pension and life assurance benefits, subsidised canteen, onsite gym, travel subsidies and on-site parking. Inhouse People Development services, Educational Assistance, and our ‘Live Your BEST Life’ wellbeing initiatives are just some of the holistic benefits that enhance the career experience for our colleagues.Eli Lilly Cork is committed to diversity, equity and inclusion (DEI). We cater for all dimensions ensuring inclusion of all ethnicities, nationalities, cultural backgrounds, generations, sexuality, visible and invisible disabilities and gender, with four pillars: EnAble, Age & Culture, LGBTQ+ and GIN-Gender Inclusion Network. EnAble, our pillar for people with disabilities and those that care for them, partners with the Access Lilly initiative to make our physical and digital environment accessible and inclusive for all. Together they are committed to promoting awareness to create a disability confident culture both at Eli Lilly Cork and beyond. Come join our team - Be Creative, Be an Innovator, and most of all, Be Yourself!Do you like to be in the heart of the action, on the front lines of cybersecurity defense, creating a defense system to thwart cyber-attacks?  Join us as we do this daily to protect our patients, employees, and shareholders.The Global Cyber Defense Operations (GCDO) team is dedicated to active defense through analysis, innovation, and collaboration. Our mission focuses on unifying detection, analysis, and response strategies to safeguard Lilly's ability to develop life-changing medicines.The threat of cybersecurity attacks has never been greater, and the GCDO’s mission has never been more important.What You Will Be Doing:The Cyber Intelligence Analyst will operate in a functional group focusing on any of the following: Attack Surface Management, Cyber Threat Intelligence, Detection and Automation Operations, Cyber Defense Readiness, External Threat Response, and Insider Threat Response.Analysts typically begin with an assignment in the External Threat Response (ETR) function; however, you may be assigned to any of the core GCDO functions (Attack Surface Management, Cyber Threat Intelligence, Cyber Defense Readiness, Detection and Analysis Operations, Internal Threat Response) based on skills, development needs, and specific needs of the team.The functions of the GCDO are as follows:External Threat Response (ETR): Responsible for the monitoring, detection, analysis, investigation, and response to cybersecurity related events and incidents.Attack Surface Management (ASM): Responsible for reducing the overall attack surface of the Enterprise, including the identification, analysis, and remediation of vulnerabilities.Cyber Threat Intelligence (CTI): Leading efforts across the organization to consume, contribute, and produce threat intelligence, both internal and external to Lilly. Maintain, develop, and evangelize to partner functions an understanding of threats, attack campaigns and intrusion sets targeting Lilly.Cyber Defense Readiness (CDR): Responsible for the integration of key initiatives between the GCDO and the rest of Cybersecurity and other business partners.Detection and Analysis Operations (DAO): Responsible for general SecOps and DevOps of GCDO owned capability to empower the organization. Establishing the platform and services to enable the effective detection and monitoring of security events, as well as providing a means to analyze and improve detections.Internal Threat Response (ITR): Responsible for the monitoring, analysis, and investigation of cybersecurity related events and incidents, with a focus on the internal workforce.How You Will Succeed: Through the effective performance of the following responsibilities:Supporting: Assisting in various cybersecurity and other work as assigned.Analyzing: Examining cyber threats and incidents.Developing: Creating capability to enable each core function.Documenting: Thorough documentation of your analysis.Detecting: Identifying potential security issues.Prioritizing: Ranking threats based on severity.Responding: Taking action to mitigate threats.Recommending Strategic Changes: Drive security improvements that will increase our ability to defend the Enterprise.Provide rotational on-call availability for cybersecurity incidents raised outside of normal business working hours. The on-call responsibilities are designed to support triage of high priority alerts to ensure the 24/7 protection of Lilly assets. Team members will be required to be on-call for one weekend (Saturday & Sunday, 8-9 hrs per day) every 4 weeks on a rotating schedule. Rotating schedules may also be established to cover Public Holidays. Team members will receive a fixed on-call allowance per day of on-call, paid monthly in arrears. In addition to the on-call allowance, additional premiums for hours worked during the on-call period will apply at an hourly rate for each hour worked, paid monthly in arrears.What You Should Bring:Experience with monitoring system operations and reacting to events in res