Job Closed
This listing is no longer active.
Digital. Human. Transformative.
Application Security Consultant – Senior
Location
Brazil
Posted
52 days ago
Salary
0
Seniority
Senior
Job Description
Application Security Consultant – Senior
Runtalent
- Act as a senior security consultant for development, cloud and platform teams
- Ensure security is embedded from the solution design phase (security by design)
- Lead security architecture assessments for complex, distributed and cloud-native applications
- Conduct secure design reviews, threat modeling and risk-based decision making
- Lead and execute Application Readiness Reviews (ARR) for critical applications
- Define and disseminate application security standards, best practices and frameworks
- Guide teams on secure coding, vulnerability remediation and architectural decisions
- Perform advanced vulnerability analyses (SAST, DAST, SCA, containers and cloud)
- Collaborate with risk and security areas to define mitigation plans
- Influence adoption of DevSecOps practices, security in CI/CD pipelines and automation
- Support the evaluation and evolution of security tools and platforms
- Serve as a technical mentor for less experienced professionals
- Contribute to the evolution of the overall application security strategy
Job Requirements
- Experience in Application Security
- Background in Software Engineering or Security Architecture
- Solid experience in software development (web, APIs, microservices, mobile, cloud-native)
- Strong knowledge of architecture patterns (MVC, microservices, event-driven, serverless)
- Mastery of the OWASP Top 10, secure coding practices and vulnerability mitigation
- Hands-on experience with tools:
  - SAST (Static Application Security Testing)
  - DAST (Dynamic Application Security Testing)
  - SCA (Software Composition Analysis)
  - Container and cloud security
- Experience analyzing and prioritizing vulnerabilities based on risk and business impact
- Solid knowledge of CI/CD pipelines, DevSecOps and security automation
- Experience with cloud platforms: Azure, AWS or GCP
- Knowledge of:
  - IAM (Identity and Access Management)
  - Data protection and cryptography
  - Identity-based security models
- Familiarity with security frameworks (e.g., ISO 27002)
- Ability to translate technical risks into business impact
- Strong experience working with multiple stakeholders (technical and executive)
- Experience with agile methodologies (Scrum, Kanban, XP) (desirable)
- Knowledge of Threat Modeling (e.g., STRIDE) (desirable)
- Experience with penetration testing and tools (Burp Suite, Metasploit) (desirable)
- Knowledge of container security and Kubernetes (desirable)
- Experience defining security strategy at the corporate level (desirable)
Benefits
- Remote work
More Security Engineer Jobs
Cybersecurity Engineer
Leidos
Leidos is an innovation company rapidly addressing the world’s most vexing challenges in national security and health.
- Perform vulnerability scanning, vulnerability management and CSSP tooling and coordination
- Support the Cybersecurity team in complex to highly complex aspects of the Leidos Cybersecurity planning of the EHR system, and provide leadership to individual tasks as necessary
- Support the Cybersecurity Lead in the development and management of project management plan(s), provide management summaries which identify potential risks, and recommend plans to mitigate those risks
- Conduct ACAS scans in support of identifying new vulnerabilities/findings on DHMSM ATOs; provide finding metrics, evidence of closures/burndown
- Maintain ACAS and eMass asset inventories in support of ConMon process
- Coordinate responses to IAVMs, CTOs and other taskers from the CSSP/CYOC
- Coordinate deployment of CSSP tools to MHS Genesis ATO assets
- As necessary, support the Cybersecurity Lead in meeting, presenting, and providing status to senior government personnel on the Program
- Support ongoing upgrades, pitches and projects by providing cyber reviews and input to the TPM leading each project as backup to lead cyber architect
- Assist the Cybersecurity Lead in ensuring the project meets identified milestones
- Support the development of cyber strategy and associated documentation
- Provide Subject Matter Expertise for customer inquiries
- Support the establishment and maintenance of internal and external relationships for cyber related collaboration
Senior Manager, Product Security
Amgen
Founded in 1980, Amgen (short for Applied Molecular Genetics) is a biotechnology firm focused on developing human therapeutics. As an employer, Amgen has been distinguished by Forb
- Play a pivotal role in developing and executing strategies to counter emerging threats to Amgen products throughout the regulated supply chain
- Direct response and remediation activities related to global supply chain incidents, including diversion and theft
- Collaborate across Amgen’s diverse internal network to ensure effectiveness and agility of the Product Security program
- Provide strategic oversight and support to global supply chain product security initiatives in partnership with Supply Chain Security and Operations
- Support a cross-functional steering committee, including representatives from Global Security, Operations, Supply Chain, Legal, and Corporate Audit
- Define and operationalize strategies for threat monitoring, incident reporting and response, enforcement protocols, and other key security functions
- Support the development of tools and systems used to monitor security threats impacting the supply chain
- Leverage the Global Security Operations Center (GSOC)
- Provide Amgen leadership with metrics, KPIs, and reports on emerging and ongoing threats to Amgen products
- Create and execute strategies to promote education and awareness of Product Security issues affecting Amgen
- Accountable to represent Amgen interests in industry and government working groups, task forces, and committees (e.g., PSI, HDA)
- Facilitate security audits of vendors, suppliers, and business partners, both proactively and in response to specific concerns
- Manage activities related to the supply chain security audit program, in collaboration with internal stakeholders
- Assess site risks and vulnerabilities for product security and create response plans to maintain effective security procedures
- Build and maintain relationships with law enforcement and emergency services agencies
- Coordinate efforts with other directorates within Global Security
- Select, train, and manage contract workers and consultants
- Conduct and manage internal and external investigations as needed.
Information Security Engineer
CSG
CSG delivers innovative customer engagement solutions that help you acquire, monetize, engage and retain customers.
- Implement, update, troubleshoot, and maintain our SIEM and SOAR security solutions. This will include implementing logging infrastructure, identifying automation opportunities, and defining security systems requirements
- Analyze security systems and seek improvements via automation or otherwise, on a continuous basis
- Develop, document, and maintain security standards, technical documentation, and standard operating procedures
- Tune, filter, and customize security systems in coordination with Information Security Analysts
- Construct basic project plans based on requirements analysis
- Communicate project status to leadership and management, including wins, impediments, and basic metrics
- Participate and be an integral component of audit, compliance, and regulatory functions, including but not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and federal privacy laws, and general security auditing
- Participate in the organization's incident response plan and perform, review, and analyze events/incidents on an as-needed basis
- Act as information security subject matter expert and consult with fellow team members and those outside of the security organization to provide guidance and insight into solving basic to moderately complex security challenges
- Be willing to work outside normal business hours when needed to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted
- Be willing to travel both domestically and/or internationally up to 5%
Line of Service: Advisory
Industry/Sector: Not Applicable
Specialism: IFS - Information Technology (IT)
Management Level: Senior Associate
Job Description & Summary
A career in Information Security will give you the opportunity to develop and support our internal security technologies and services across PwC's global network. You will focus on being at the forefront of the design, development and implementation of information technologies, including hardware, software and networks, that improve the security of our data and networks and protect the firm's intellectual assets.
Preferred knowledge/skills:
- Extensive experience in cybersecurity (minimum 3 years). We will calibrate the profile as CVs are received.
- Work experience with AI. Required. Intermediate knowledge.
- Proven experience with Power Platform. Required.
- Experience working with one or more cloud service providers: Azure, AWS. Required.
- Ability to work and interact with diverse API content. Required.
- Work experience in Compliance. Desirable.
- Experience working with automation and orchestration tools such as ADO Pipelines, Ansible, Git and/or Terraform. Desirable.
Position characteristics:
- Graduate of a degree or technical program in systems or a related field, or public accountant or a related field.
- Professional / bilingual English.
- Remote work.
All qualified individuals will be considered for employment at PwC regardless of ethnicity; creed; color; religion; nationality; age; disability; neurodiversity; sexual orientation; gender identity or expression; marital status, or any other condition protected by law. PwC is proud to be an inclusive organization and to provide equal opportunities.
- Understand the importance of proper information management
- Knowledge of Information Security and Data Protection
- Proper management of Information Security
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required:
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills: Firewalls, IP Networks, Microsoft Azure
Optional Skills: Accepting Feedback, Active Listening, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Governance, Data Architecture, Data Archiving, Data Flow Mapping, Data Privacy Act, Embracing Change, Emotional Regulation, Empathy, Enterprise Content Management, Incident Response Plan, Inclusion, Information Rights Management (IRM), Information Security, Information Security Governance, Information Security Management System (ISMS), Intellectual Curiosity, IT Infrastructure {+ 11 more}
Desired Languages (If blank, desired languages not specified): English
Travel Requirements: Not Specified
Available for Work Visa Sponsorship? No
Government Clearance Required? No
Job Posting End Date



