At Genmab, the Cyber Security Analyst is a security professional with a passion for improving information security, with a broad knowledge in cyber security and the successful candidate for this position needs to be a specialist in threat management and the information security incident management process. Cyber Security Analyst
This knowledge and expertise must be combined with a hands-on mentality and capabilities to not only design fit-for-purpose cyber security management and especially response procedures, but also – in alignment with Genmab’s Cyber Security & IT Risk team, the MSSP and the MSP – constantly evaluate the efficiency of Genmab’s security incident response processes and procedures and strive to improve them.
The analyst will be an active member of the teams managing security incidents. Incidents, which might be reported by end users, Genmab’s MSSP, MSP, other business partners or services.
The role to be filled is also responsible for the maintenance of the governance documents, including, but not limited to process and procedure descriptions.
The analyst must also regularly report the status and performance of incident response processes and procedures, and thereto related service tickets, change requests and improvement activities.
The analyst will work very close together with Genmab’s Security Operations team, which is providing services in areas like security monitoring, audit, and threat intelligence.
Identifying threats and managing those will therefore be another very important task of the analyst.
The successful candidate is required to be result driven, to be able to work to a large extend independently, is willing to take acceptable risks but most of all, must be convinced of the benefits of teamwork.
The analyst will report directly to the Director Cyber Security & IT Risk (Denmark).
- Develop, maintain and continuously improve security incident response runbooks, processes and procedures (e.g. for Phishing attacks, Malware infections, broken IAM processes)
- Plan and manage Incident response procedure / Business Continuity Plan / DR tests
- Actively anticipate and prevent cyberattacks by thoroughly understand cyberattacks, malware, and the behavior of cybercriminals
- Collect and analyze threat intelligence and inform key stakeholder about the findings and advise on how to react on them.
Requirements (Knowledge, Skills & Experience)
- Bachelor’s degree in cybersecurity or a related field
- Strong knowledge and experience in threat- and cyber security incident management, especially in analyzing threat intelligence, log events and designing cyber security incident response procedures
- Understanding of SIEM, XDR and ID/IP concepts
- At minimum 3 years of work experience in as an operational security analyst
- Excellent know-how of information security technologies
- Ability to identify indicators of compromise, network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation
- Strong knowledge of technical aspects of operating systems, virtual environments, Cloud platforms and networking protocols
- Expert knowledge in developing, maintaining, and operating Security Incident Response processes and procedures
- Experience in working in/for a multinational biotech or pharmacological company
- Capability to explain security issues in “normal” language to non-technical stakeholders
- Proficiency in Service Now and Microsoft Azure Sentinel
- Very good communication skills in English
- Strong sense of self, ethics, as well as the willingness to go the extra mile to achieve goals
Requirements (Personality & Values)
- You have a passion for information security and follow actively the newest developments in areas like incident management, security monitoring, cyber threats and tooling used in those areas
- You are determined to be the best in what you do
- You are a team player and able to represent the security team
- Take ownership of tasks assigned to you and carry on until the task is completed
- Be proactive, recognize opportunities, take initiative, and action, and persevere until a meaningful change takes place