At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We're looking for people who are determined to make life better for people around the world.
Protect the manufacturing systems that deliver life-changing medicines to millions of patients worldwide. As a Manufacturing & Quality Cybersecurity Business Analyst, you'll be at the intersection of cutting-edge cybersecurity and pharmaceutical manufacturing, ensuring that our global operations remain secure, compliant, and resilient against evolving threats.
The Opportunity
This is a rare opportunity to shape cybersecurity strategy across Lilly's global manufacturing and quality operations. You'll work at the convergence of IT/OT security, GxP compliance, and business enablement-translating complex cyber risks into actionable insights for manufacturing leaders while embedding security into mission-critical systems like SAP, SCADA, and quality management platforms.
You'll be a strategic partner, not just a security enforcer. This role requires someone who can influence upward, build trust across diverse stakeholders, and drive security adoption through collaboration rather than mandates. If you thrive in ambiguity, love solving complex problems, and want your work to directly impact patient safety and product quality, this role is for you.
What You'll Do
Drive cybersecurity strategy and roadmap priorities for Manufacturing and Quality, balancing security requirements with operational needs and GMP compliance across 50+ global manufacturing sites
Partner with business and IT teams to embed security into SAP manufacturing systems, OT/SCADA environments, quality management platforms, and emerging technologies through secure design principles
Translate cyber risks into business language for Manufacturing and Quality leadership, presenting security metrics, scorecards, and risk acceptance decisions to executive stakeholders
Build strategic relationships with internal customers and external partners (CMOs, vendors) to assess and reduce cybersecurity risks while maintaining operational continuity
Lead security awareness and adoption initiatives within Manufacturing and Quality, influencing security-conscious behaviors and ensuring teams understand their role in protecting critical infrastructure
Monitor compliance and drive remediation activities to improve the business security posture, ensuring alignment with security policies, industry frameworks (NIST, ISO), and regulatory requirements
Stay ahead of emerging threats by continuously monitoring cybersecurity trends, attack vectors specific to pharma/manufacturing, and evolving mitigation techniques to enhance preventative and detective capabilities
Your Minimum Required Qualifications
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related technical field
5+ years of experience in cybersecurity strategy, governance, risk management, or security operations
Comprehensive expertise across cybersecurity domains: prevention, detection, incident response, recovery, and compliance
Deep knowledge of security frameworks (NIST CSF, ISO 27001/27002, CIS Controls) and IT risk management standards
Proven track record managing complex security programs and cross-functional initiatives
Industry-recognized certification (CISSP, CISM, CRISC, or equivalent)
What You Should Bring
Master's degree in Cybersecurity, Information Security, or related field
Experience in pharmaceutical, life sciences, or highly regulated manufacturing environments
Knowledge of GxP regulations (GMP, CSV/CSA) and how they intersect with cybersecurity requirements
Familiarity with OT/ICS security, SCADA systems, and IT/OT convergence challenges
Outstanding communication skills with the ability to articulate technical cyber risks to non-technical business audiences. Experience influencing upward and presenting to senior leadership, including security metrics, business cases, and risk decisions
Experience with SAP security, manufacturing execution systems (MES), or enterprise quality management systems
Multiple security certifications (e.g., CISSP + CISM, or specialized certifications like GIAC, SANS)
What You'll Gain
Direct impact on patient safety: Your work protects the systems that manufacture medicines for patients worldwide
Strategic influence: Shape enterprise-wide security strategy and drive security roadmaps across global operations
Unique technical exposure: Work at the intersection of IT/OT security, SAP manufacturing systems, GxP compliance, and cutting-edge cyber threats
Continuous learning: Stay ahead of emerging threats, gain expertise in pharmaceutical manufacturing security, and work with world-class cybersecurity and operations teams
Professional development: Support for advanced certifications, training, conferences, and career growth opportunities within Lilly's cybersecurity organization
Global collaboration: Partner with manufacturing sites, cybersecurity teams, and business leaders across the world
About the Team
You'll join the Manufacturing & Quality SAP Cyber Lead Organization, a specialized team within Lilly's Cybersecurity organization dedicated to supporting Manufacturing and Quality functions globally. Our team consists of cybersecurity professionals who understand both the technical intricacies of cyber defense and the operational realities of pharmaceutical manufacturing.
We value partnership over enforcement -bringing security expertise while respecting manufacturing operations and GMP requirements. Our culture emphasizes collaboration, continuous learning, innovation, and pragmatic risk management. We believe security should enable the business, not block it, and we work closely with stakeholders to find the right balance between protection and operational efficiency.
Expectations
This role requires an experienced professional who can operate at both strategic and tactical levels. You'll be expected to:
Influence across and upward: Build credibility and present security recommendations to Manufacturing and Quality business partners while navigating organizational complexity
Bring structure to ambiguity: Take on complex, undefined challenges and create frameworks, processes, and solutions that work in the real world
Exercise expert judgment: Make informed risk decisions, balance competing priorities, and provide guidance on security vs. operational trade-offs
Think innovatively: Challenge conventional approaches, identify opportunities for transformational improvements, and stay ahead of industry trends
Additional Information
Travel: Less than 10%
Location: Indianapolis, IN
Join us in protecting the systems that make medicines possible.
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form ( https://careers.lilly.com/us/en/workplace-accommodation ) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.
Lilly is proud to be an EEO Employer and does not discriminate on the basis of age, race, color, religion, gender identity, sex, gender expression, sexual orientation, genetic information, ancestry, national origin, protected veteran status, disability, or any other legally protected status.
Our employee resource groups (ERGs) offer strong support networks for their members and are open to all employees. Our current groups include: Africa, Middle East, Central Asia Network, Black Employees at Lilly, Chinese Culture Network, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinx at Lilly (OLA), PRIDE (LGBTQ+ Allies), Veterans Leadership Network (VLN), Women's Initiative for Leading at Lilly (WILL), enAble (for people with disabilities). Learn more about all of our groups.
Actual compensation will depend on a candidate's education, experience, skills, and geographic location. The anticipated wage for this position is
$64,500 - $151,800
Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly's compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.
WeAreLilly
