Cybersecurity Business Analyst - Manufacturing and Quality
Company: Eli Lilly and Company
Location: Indianapolis
Posted on: January 26, 2026
|
|
|
Job Description:
At Lilly, we unite caring with discovery to make life better for
people around the world. We are a global healthcare leader
headquartered in Indianapolis, Indiana. Our employees around the
world work to discover and bring life-changing medicines to those
who need them, improve the understanding and management of disease,
and give back to our communities through philanthropy and
volunteerism. We give our best effort to our work, and we put
people first. We’re looking for people who are determined to make
life better for people around the world. Protect the manufacturing
systems that deliver life-changing medicines to millions of
patients worldwide. As a Manufacturing & Quality Cybersecurity
Business Analyst, you'll be at the intersection of cutting-edge
cybersecurity and pharmaceutical manufacturing, ensuring that our
global operations remain secure, compliant, and resilient against
evolving threats. The Opportunity This is a rare opportunity to
shape cybersecurity strategy across Lilly's global manufacturing
and quality operations. You'll work at the convergence of IT/OT
security, GxP compliance, and business enablement—translating
complex cyber risks into actionable insights for manufacturing
leaders while embedding security into mission-critical systems like
SAP, SCADA, and quality management platforms. You'll be a strategic
partner, not just a security enforcer. This role requires someone
who can influence upward, build trust across diverse stakeholders,
and drive security adoption through collaboration rather than
mandates. If you thrive in ambiguity, love solving complex
problems, and want your work to directly impact patient safety and
product quality, this role is for you. What You'll Do Drive
cybersecurity strategy and roadmap priorities for Manufacturing and
Quality, balancing security requirements with operational needs and
GMP compliance across 50 global manufacturing sites Partner with
business and IT teams to embed security into SAP manufacturing
systems, OT/SCADA environments, quality management platforms, and
emerging technologies through secure design principles Translate
cyber risks into business language for Manufacturing and Quality
leadership, presenting security metrics, scorecards, and risk
acceptance decisions to executive stakeholders Build strategic
relationships with internal customers and external partners (CMOs,
vendors) to assess and reduce cybersecurity risks while maintaining
operational continuity Lead security awareness and adoption
initiatives within Manufacturing and Quality, influencing
security-conscious behaviors and ensuring teams understand their
role in protecting critical infrastructure Monitor compliance and
drive remediation activities to improve the business security
posture, ensuring alignment with security policies, industry
frameworks (NIST, ISO), and regulatory requirements Stay ahead of
emerging threats by continuously monitoring cybersecurity trends,
attack vectors specific to pharma/manufacturing, and evolving
mitigation techniques to enhance preventative and detective
capabilities Your Minimum Required Qualifications Bachelor's degree
in Computer Science, Cybersecurity, Information Technology, or a
related technical field 5 years of experience in cybersecurity
strategy, governance, risk management, or security operations
Comprehensive expertise across cybersecurity domains: prevention,
detection, incident response, recovery, and compliance Deep
knowledge of security frameworks (NIST CSF, ISO 27001/27002, CIS
Controls) and IT risk management standards Proven track record
managing complex security programs and cross-functional initiatives
Industry-recognized certification (CISSP, CISM, CRISC, or
equivalent) What You Should Bring Master's degree in Cybersecurity,
Information Security, or related field Experience in
pharmaceutical, life sciences, or highly regulated manufacturing
environments Knowledge of GxP regulations (GMP, CSV/CSA) and how
they intersect with cybersecurity requirements Familiarity with
OT/ICS security, SCADA systems, and IT/OT convergence challenges
Outstanding communication skills with the ability to articulate
technical cyber risks to non-technical business audiences.
Experience influencing upward and presenting to senior leadership,
including security metrics, business cases, and risk decisions
Experience with SAP security, manufacturing execution systems
(MES), or enterprise quality management systems Multiple security
certifications (e.g., CISSP CISM, or specialized certifications
like GIAC, SANS) What You'll Gain Direct impact on patient safety:
Your work protects the systems that manufacture medicines for
patients worldwide Strategic influence: Shape enterprise-wide
security strategy and drive security roadmaps across global
operations Unique technical exposure: Work at the intersection of
IT/OT security, SAP manufacturing systems, GxP compliance, and
cutting-edge cyber threats Continuous learning: Stay ahead of
emerging threats, gain expertise in pharmaceutical manufacturing
security, and work with world-class cybersecurity and operations
teams Professional development: Support for advanced
certifications, training, conferences, and career growth
opportunities within Lilly's cybersecurity organization Global
collaboration: Partner with manufacturing sites, cybersecurity
teams, and business leaders across the world About the Team You'll
join the Manufacturing & Quality SAP Cyber Lead Organization, a
specialized team within Lilly's Cybersecurity organization
dedicated to supporting Manufacturing and Quality functions
globally. Our team consists of cybersecurity professionals who
understand both the technical intricacies of cyber defense and the
operational realities of pharmaceutical manufacturing. We value
partnership over enforcement —bringing security expertise while
respecting manufacturing operations and GMP requirements. Our
culture emphasizes collaboration, continuous learning, innovation,
and pragmatic risk management. We believe security should enable
the business, not block it, and we work closely with stakeholders
to find the right balance between protection and operational
efficiency. Expectations This role requires an experienced
professional who can operate at both strategic and tactical levels.
You'll be expected to: Influence across and upward: Build
credibility and present security recommendations to Manufacturing
and Quality business partners while navigating organizational
complexity Bring structure to ambiguity: Take on complex, undefined
challenges and create frameworks, processes, and solutions that
work in the real world Exercise expert judgment: Make informed risk
decisions, balance competing priorities, and provide guidance on
security vs. operational trade-offs Think innovatively: Challenge
conventional approaches, identify opportunities for
transformational improvements, and stay ahead of industry trends
Additional Information Travel: Less than 10% Location:
Indianapolis, IN Join us in protecting the systems that make
medicines possible. Lilly is dedicated to helping individuals with
disabilities to actively engage in the workforce, ensuring equal
opportunities when vying for positions. If you require
accommodation to submit a resume for a position at Lilly, please
complete the accommodation request form (
https://careers.lilly.com/us/en/workplace-accommodation ) for
further assistance. Please note this is for individuals to request
an accommodation as part of the application process and any other
correspondence will not receive a response. Lilly is proud to be an
EEO Employer and does not discriminate on the basis of age, race,
color, religion, gender identity, sex, gender expression, sexual
orientation, genetic information, ancestry, national origin,
protected veteran status, disability, or any other legally
protected status. Our employee resource groups (ERGs) offer strong
support networks for their members and are open to all employees.
Our current groups include: Africa, Middle East, Central Asia
Network, Black Employees at Lilly, Chinese Culture Network,
Japanese International Leadership Network (JILN), Lilly India
Network, Organization of Latinx at Lilly (OLA), PRIDE (LGBTQ
Allies), Veterans Leadership Network (VLN), Women’s Initiative for
Leading at Lilly (WILL), enAble (for people with disabilities).
Learn more about all of our groups. Actual compensation will depend
on a candidate’s education, experience, skills, and geographic
location. The anticipated wage for this position is $64,500 -
$151,800 Full-time equivalent employees also will be eligible for a
company bonus (depending, in part, on company and individual
performance). In addition, Lilly offers a comprehensive benefit
program to eligible employees, including eligibility to participate
in a company-sponsored 401(k); pension; vacation benefits;
eligibility for medical, dental, vision and prescription drug
benefits; flexible benefits (e.g., healthcare and/or dependent day
care flexible spending accounts); life insurance and death
benefits; certain time off and leave of absence benefits; and
well-being benefits (e.g., employee assistance program, fitness
benefits, and employee clubs and activities).Lilly reserves the
right to amend, modify, or terminate its compensation and benefit
programs in its sole discretion and Lilly’s compensation practices
and guidelines will apply regarding the details of any promotion or
transfer of Lilly employees. WeAreLilly
Keywords: Eli Lilly and Company, Noblesville , Cybersecurity Business Analyst - Manufacturing and Quality, IT / Software / Systems , Indianapolis, Indiana
