CordenPharma is a leading contract development and manufacturing organization (CDMO) and, as a full-service provider, develops and produces active pharmaceutical ingredients, pharmaceuticals, and related packaging services on behalf of its customers. The group employs approximately 3,000 people.

Our network in Europe and the US offers flexible and specialized solutions across six technology platforms: Peptides, Lipids & Carbohydrates, Injectables, Highly Potent & Oncology, Small Molecules, and Oligonucleotides. We strive for excellence in supporting this network and are committed to delivering the highest quality products for the benefit of patients.

Our People Vision:
We strive for excellence. We share our passion. Together, we make a difference in patients’ lives.

Overview

We are looking for a Cybersecurity Analyst with strong technical expertise to support and protect our pharmaceutical operations. This role will play a critical part in monitoring security events, managing SIEM content, assessing risks for firewall changes, securing our Microsoft 365 environment, and conducting incident investigations.
In our highly regulated industry, the analyst will also ensure security activities align with compliance requirements (GxP) while protecting sensitive research, intellectual property, and customer data.

SIEM Operations & Threat Detection

• Monitor, triage, and analyze events in the SIEM system.
• Develop, fine-tune, and maintain detection rules aligned with current threat landscape and pharma-specific risks (e.g., IP theft, insider threats).
• Ensure log sources from validated systems remain compliant with regulatory and audit standards.

Technical Security Assessments

• Review firewall change requests, assess risks, and document recommendations within change management processes.
• Support security risk assessments of IT/OT systems used in manufacturing and R&D environments.
• Ensure technical controls align with 21 CFR Part 11, GxP, and other regulatory requirements.

Microsoft 365 Security Administration

• Assess Microsoft 365 security configurations and provide input for the infrastructure operation team
• Maintain and extend data loss prevention (DLP) policies to protect confidential data.
• Regularly run and document compliance/security tasks for audits and regulatory reporting.

Incident Response & Investigations

• Conduct deep-dive investigations of potential security incidents, including advanced phishing, and targeted attacks.
• Collect forensic evidence in compliance with chain-of-custody and regulatory standards.
• Collaborate with IT, QA, and Legal to ensure incidents are handled in a way that meets audit and compliance obligations.

Governance, Risk & Compliance Alignment

• Document technical controls and provide evidence for audits (internal, FDA, ISO).
• Participate in security projects (e.g., identity and access management, manufacturing security).

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 2–5 years of technical experience in technical security, incident response, or SOC environments.
• Hands-on experience with SIEM platforms.
• Experience with Microsoft 365 security configuration.
• Knowledge of firewall technologies and risk assessment for change requests.
• Strong problem-solving skills with an eye for compliance documentation and audit readiness.
• Good knowledge of Project Management

Preferred Skills

• Desirable certifications: CISSP, CISM, Security+, GCIH, or Azure Security Engineer Associate.
• Experience with data loss prevention (DLP) and IP protection solutions.