At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.
Actual compensation will depend on a candidate’s education, experience, skills, and geographic location. The anticipated wage for this position is
$154,500 - $261,800
As a Sr./Principal Security Architect, you will play a crucial role in securing both critical infrastructure and enterprise systems. Your responsibilities include conducting security reviews across the full technology stack - from industrial systems to cloud services, developing secure architecture patterns, and ensuring the seamless integration of security controls across all environments. You'll partner with manufacturing operations, engineering teams, IT departments, and cloud service providers to ensure secure technology deployment while maintaining operational efficiency. Additionally, you'll provide technical leadership in secure system design, mentor security engineers, and develop frameworks for secure implementations across all technology domains.
How You'll Succeed:
- Leadership & communication skills: You will bridge the gap between IT and OT teams, translating complex security concepts for diverse audiences and influencing stakeholders across multiple disciplines. Strong relationship-building abilities and technical leadership are essential.
- Agility: Demonstrate ability to adapt security solutions to evolving threats while maintaining operational stability in manufacturing environments. Balance security improvements with production requirements.
- Technical expertise: Leverage deep understanding of both traditional IT security and ICS/OT security principles to develop comprehensive security architectures that protect manufacturing assets and enterprise systems.
- Problem-solving skills: Apply methodical approach to identifying and addressing security challenges in complex industrial and enterprise environments, ensuring solutions meet both security and operational requirements.
- Knowledge of manufacturing technology: Maintain current understanding of industrial protocols, control systems, manufacturing operations, and cloud security principles to provide relevant security guidance.
- Balancing security and operational needs: Develop security solutions that protect critical assets while ensuring continuous operation of manufacturing processes and business systems.
What You'll Be Doing:
- Conduct security architecture reviews and risk assessments for manufacturing technology, ICS, cloud services, SaaS solutions, and enterprise systems.
- Develop and maintain technical specifications, security patterns, and guidance for secure integration of IT, OT, and cloud systems.
- Perform threat modeling across different technology domains using frameworks such as MITRE ATT&CK (both Enterprise and ICS) and ISA/IEC 62443.
- Design secure architectures for industrial and enterprise environments, including appropriate segmentation, security controls, and cloud security patterns.
- Create and maintain security standards spanning industrial protocols, control systems, cloud services, and enterprise applications.
- Evaluate proposed technology solutions including SaaS offerings, cloud services, and industrial systems for security implications.
- Lead security architecture reviews for new technology implementations, vendor solutions, and cloud service providers.
- Develop incident response and recovery procedures covering both OT and IT environments.
- Provide technical leadership in secure system design and implementation across all technology domains.
- Mentor security engineers on comprehensive security principles spanning OT, IT, and cloud environments.
What You Should Bring:
- Experience in designing and implementing secure architectures for both manufacturing and enterprise environments.
- Deep understanding of industrial protocols and common ICS platforms, as well as cloud security architecture principles.
- Hands-on experience with major cloud platforms (AWS, Azure, GCP) and their security controls.
- Experience evaluating SaaS solutions and third-party vendor security.
- Knowledge of relevant standards and frameworks (ex. ISA/IEC, CSA, NIST, ISO, etc.) for both industrial and enterprise cybersecurity.
- Strong understanding of IT/OT convergence challenges and cloud integration solutions.
- Experience with security assessment tools and methodologies for both industrial and enterprise systems.
- Excellent communication skills with ability to explain complex security concepts to diverse audiences.
- Proven experience in developing security architectures that balance protection with operational requirements.
- Track record of successful collaboration across technical domains.
Your Basic Qualifications:
- Bachelor's Degree in Engineering, Computer Science, Information Technology, or related field OR
- High School Diploma/GED with 4+ years of experience in Industrial Control Systems security, Manufacturing Technology, or related field, AND
- 8+ years demonstrated experience in security architecture, with at least 5 years focusing on manufacturing technology/ICS security, cloud security, or enterprise architecture
- Qualified candidates must be legally authorized to be employed in the United States. Lilly does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position.
- Preferred: Previous experience working as an engineer in a manufacturing environment
Additional Information:
- Role is located in Indianapolis, IN
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form ( https://careers.lilly.com/us/en/workplace-accommodation ) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.
Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.
Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.
#WeAreLilly