Role Overview:
As an Associate IS Security Engineer at Amgen, you will play a crucial role within the Cybersecurity and Digital Trust (CDT) organization. Your primary responsibility will be to maintain and enhance the internal controls environment by collaborating with cross-functional teams to evaluate security risks and controls in information systems and projects. You will support various capabilities within the Governance, Risk and Compliance (GRC) team, focusing on risk management activities such as assessing security risks, recommending IT controls, and advising on control improvements.

Key Responsibilities:
- Bring innovative thinking, domain expertise, and a deep understanding of IT risks and controls to empower IT process and product owners in developing and maintaining secure and compliant IT solutions.
- Advise project teams and application owners on information security risks and controls.
- Participate in projects requiring security risks and controls expertise, ensuring appropriate security controls are implemented.
- Evaluate compliance with security requirements and assess IT controls' design and implementation in various IT security processes.
- Test the operating effectiveness of IT controls, including user access management, change management, and computer operations for complex IT systems.
- Identify control deficiencies, assess risks, and suggest mitigating controls.
- Document and communicate risks and risk mitigation actions effectively.
- Utilize ISO and NIST information security frameworks to establish accountability and responsibility for controls within the information systems organization.
- Ensure quality and timeliness across different functional deliverables, taking ownership of issues and seeing them through to completion.
- Provide input based on industry best practices and experience to enhance security risk and controls areas.
- Stay updated on emerging technological trends, security assessment, and risk management methodologies and standards.
- Work hours are from 2 PM to 11 PM IST.

Qualification Required:
- Bachelor's degree and 3 years of directly related experience
OR
- Associate degree and 5 years of directly related experience
OR
- High school diploma / GED & 10 years of directly related experience

Preferred Qualifications:
- Bachelor's degree in computer information systems or computer science.
- 2 years of IT audit, Information Technology / Security control assurance, or enterprise IT compliance experience.
- Advanced industry-recognized security certification (i.e., CISA, CISM, CISSP, CRISC, Security, etc.).
- Working knowledge of Information Security principles: confidentiality, integrity, and availability.
- Knowledge of international standards for Information Technology and Information Security (i.e., ISO 2700x, NIST CSF, COBIT, ITIL, etc.).
- Strong critical thinking skills for complex risk scenarios.
- Ability to understand new technologies and propose appropriate controls and compliance mentorship.
- Excellent written and verbal communication skills, including the ability to explain technical matters to a non-technical audience.
- Detail-oriented with a focus on quality and ownership.
- Exceptional teamwork skills in cross-functional environments.
- Experience working in large/global corporate environments.
- Fluency in English language.

Additional Company Details:
Amgen focuses on addressing areas of high unmet medical need, striving for solutions that improve health outcomes and enhance people's lives. As a biotechnology pioneer since 1980, Amgen has become one of the world's leading independent biotechnology companies, reaching millions of patients globally and developing a pipeline of medicines with significant potential.

Amgen promotes a diverse and inclusive work environment, values collaboration, trust, empowerment, and inclusion. The company prioritizes employee well-being, offering industry-leading benefits for all employees, including transgender individuals and families of all compositions. Role Overview:
As an Associate IS Security Engineer at Amgen, you will play a crucial role within the Cybersecurity and Digital Trust (CDT) organization. Your primary responsibility will be to maintain and enhance the internal controls environment by collaborating with cross-functional teams to evaluate security risks and controls in information systems and projects. You will support various capabilities within the Governance, Risk and Compliance (GRC) team, focusing on risk management activities such as assessing security risks, recommending IT controls, and advising on control improvements.

Key Responsibilities:
- Bring innovative thinking, domain expertise, and a deep understanding of IT risks and controls to empower IT process and product owners in developing and maintaining secure and compliant IT solutions.
- Advise project teams and application owners on information security risks and controls.
- Participate in projects requiring security risks and