Organon is a Women’s Health Company that believes in a better and healthier every day for every woman! We are a passionate, global community of thousands dedicated to redefining the future of women’s health.
Our mission is to deliver impactful medicines and solutions for a healthier every day. But what really makes it work at Organon is our people.
We’re looking for real, passionate team players, curious innovators, forward thinkers, empowered by the idea of shaping their career, and ready to bring their fire to embrace change and the opportunities it brings for progress.
At Organon, you’ll get to enjoy the best of both worlds : the open, agile, collaborative culture of a start-up, and operating at the scale of a fortune 500 company with an international footprint that serves people in more than 140 markets.
It’s going to be an exciting future come be a part of it!
Security Platform Sr Specialist will support the management of security platforms including but not limited to the Agari Email Trust Platform, Microsoft Cloud App Security Cloud Access Security Broker and AWS Cloudfront through the team that is delivering Data Loss Prevention support.
Resource will drive innovation, process improvement, security efficiencies, and lead the charge for strengthening Organon’s security program.
Security Platform Specialist will be a member of the Security Operations Center team with the Business Technology Risk Management & Security (BTRMS) organization, and report to the Security Operations Center Lead.
Primary Activities / responsibilities include :
Onboard new External Services that send emails using Organon domains
Lead projects & initiatives to drive risk reduction and efficiency in operations
Maintain systems connection with Splunk (Log Pulls)
Troubleshoot and resolve DMARC email failures (Solid DNS Knowledge), confirm all new and acquired domains are in DMARC Reject, onboard / offboard domains in the Agari Console
Monitor for DNS changes and ensure enforcement of DMARC mandatory requirements
Configure and troubleshoot malware scanning through MCAS CASB
Monitor / respond to unauthorized access attempts, account license thresholds, SAML Certificate update
Manage AWS Cloudfront safelist configuration, policy hardening and exclusion
Analyze data, perform platform OS, network performance analysis for troubleshooting and researching platform issues, discover and identify the source of problems and escalate operational incidents as needed
Identify and evaluate technology risks internally and / or at third parties, identify controls which mitigate risks, and look for opportunities for control improvements
Understand defence-in-depth strategies and apply those to the Organon environment
Collaboration with engineering messaging and cloud teams
BA / BS in Engineering, Computer Science, Information Security, or Information Systems
3-5 years of experience in cybersecurity
Demonstrated analytic expertise including the ability to think critically and logically in a dynamic, high-pressure, fast-paced environment
Strong experience managing policies & controls
Strong understanding of on-premise and cloud-based Web Application Firewall Technologies
Adaptable, willing to learn, and ready to grow in a changing environment
Strong teamwork and collaboration skills
Excellent oral and written communication skills
Knowledge of foundation in information security controls, guidelines, and standards (ISO27000 series, WAF certification, Security+, AWS Security or any relevant)
Technical knowledge and understanding of security concepts, principles, and best practices in areas such as Web Applications, Cloud Security, Brand Protection, Endpoint and Network Security, Identity and Access Management, Security protocols, SIEM / SOC, etc.
Have experience with one or more of Akamai, AWS Cloudfront, Cloudflare WAF and CDN solution, Imperva Web Application Firewall, F5 WAF, Agari DMARC, MCAS CASB, etc.
Experience in working with information security risk management and assessment based on security policies, industry standards, guidelines, and best practices, knowledge of principles of assessments of 3rd party vendors
Ability to review application functionality and architecture to advise and assist project teams on building compensating controls where security requirements cannot be met