FLBK FUJIFILM Diosynth Biotechnologies UK Limited
Billingham, Yorkshire
Protect identities at global scale. We're hiring a hands on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity based threats across Microsoft Entra ID/Azure AD, on prem Active Directory, and connected SaaS/IaaS. What you'll do Lead identity threat monitoring and triage Operate and tune CrowdStrike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign ins, MFA fatigue, and session hijacking Validate true/false positives, prioritize by business impact, and expedite per playbooks/SLAs Drive rapid containment and remediation Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts) Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure Own identity focused incident response; lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement Ensure evidence handling, root cause analysis, post incident reviews, and lessons learned Engineer detections and hunt for threats Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK Close visibility gaps, reduce false positives, and expand privileged activity monitoring Strengthen privileged access controls; detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry Recommend/enforce JIT, break glass patterns, and mover/leaver privilege hygiene with IAM Respond to dark web/credential exposure; integrate sources like CyberInt; assess exposure and targeted campaigns Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates Administer platforms and sustain hygiene; maintain coverage/health for identity monitoring; manage upgrades and changes via CAB Keep operational runbooks, SOPs, and playbooks current Automate and orchestrate at scale using PowerShell/Python and REST/Graph/CrowdStrike APIs (and SOAR where applicable) Shape identity policy and controls; advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared responsibility model with IAM Report outcomes and support audits; produce executive ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time) Maintain audit ready evidence and support internal/external audits What you'll bring Bachelor's degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience 8+ years in IT/cybersecurity, including 3+ years focused on identity security/operations (Entra ID/Azure AD, on prem AD, MFA, Conditional Access, SSO/SCIM) Hands on enterprise experience administering/operating CrowdStrike Identity Protection Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e.g., Netskope) for identity telemetry, detection, and investigations Demonstrated experience in identity centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma) Scripting/automation with PowerShell and Python; experience with REST/Graph/CrowdStrike APIs and SOAR Clear communication and documentation skills; comfortable producing executive ready reports and audit evidence Operates effectively within change control/CAB and under pressure during high severity incidents Bonus points Certifications: Microsoft SC 200/SC 300; Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e.g., Golden/Silver Ticket, DCShadow) Experience with JIT/JEA, PAM concepts, and global on call rotations Location, work style, and travel Opportunities in the United States, United Kingdom, and Denmark. Onsite or hybrid depending on location and business needs. Occasional on call coverage may be required. Why you'll love it here Own a mission critical identity defense stack and make measurable impact on MTTD/MTTR and privilege hygiene Solve complex problems from dark web exposure to directory persistence and lateral movement Collaborate with experienced global teams and leading vendors to continuously raise the bar Grow your career in a modern, data driven security operations environment Benefits and compensation will be governed by the location where you are based and considered your home site. This is a global position that will support all our FUJIFILM Biotechnologies sites.
Protect identities at global scale. We're hiring a hands on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity based threats across Microsoft Entra ID/Azure AD, on prem Active Directory, and connected SaaS/IaaS. What you'll do Lead identity threat monitoring and triage Operate and tune CrowdStrike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign ins, MFA fatigue, and session hijacking Validate true/false positives, prioritize by business impact, and expedite per playbooks/SLAs Drive rapid containment and remediation Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts) Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure Own identity focused incident response; lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement Ensure evidence handling, root cause analysis, post incident reviews, and lessons learned Engineer detections and hunt for threats Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK Close visibility gaps, reduce false positives, and expand privileged activity monitoring Strengthen privileged access controls; detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry Recommend/enforce JIT, break glass patterns, and mover/leaver privilege hygiene with IAM Respond to dark web/credential exposure; integrate sources like CyberInt; assess exposure and targeted campaigns Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates Administer platforms and sustain hygiene; maintain coverage/health for identity monitoring; manage upgrades and changes via CAB Keep operational runbooks, SOPs, and playbooks current Automate and orchestrate at scale using PowerShell/Python and REST/Graph/CrowdStrike APIs (and SOAR where applicable) Shape identity policy and controls; advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared responsibility model with IAM Report outcomes and support audits; produce executive ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time) Maintain audit ready evidence and support internal/external audits What you'll bring Bachelor's degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience 8+ years in IT/cybersecurity, including 3+ years focused on identity security/operations (Entra ID/Azure AD, on prem AD, MFA, Conditional Access, SSO/SCIM) Hands on enterprise experience administering/operating CrowdStrike Identity Protection Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e.g., Netskope) for identity telemetry, detection, and investigations Demonstrated experience in identity centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma) Scripting/automation with PowerShell and Python; experience with REST/Graph/CrowdStrike APIs and SOAR Clear communication and documentation skills; comfortable producing executive ready reports and audit evidence Operates effectively within change control/CAB and under pressure during high severity incidents Bonus points Certifications: Microsoft SC 200/SC 300; Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e.g., Golden/Silver Ticket, DCShadow) Experience with JIT/JEA, PAM concepts, and global on call rotations Location, work style, and travel Opportunities in the United States, United Kingdom, and Denmark. Onsite or hybrid depending on location and business needs. Occasional on call coverage may be required. Why you'll love it here Own a mission critical identity defense stack and make measurable impact on MTTD/MTTR and privilege hygiene Solve complex problems from dark web exposure to directory persistence and lateral movement Collaborate with experienced global teams and leading vendors to continuously raise the bar Grow your career in a modern, data driven security operations environment Benefits and compensation will be governed by the location where you are based and considered your home site. This is a global position that will support all our FUJIFILM Biotechnologies sites.
FLBK FUJIFILM Diosynth Biotechnologies UK Limited
Billingham, Yorkshire
Title: Automation Engineer - Emerson DeltaV Location: Billingham, UK Overview We're looking for an Automation Engineer with deep Emerson DeltaV expertise to support, enhance, and expand our site Automation systems. You'll act as a hands on SME-maximizing uptime, resolving issues for Process Owners, and contributing to CAPEX and continuous improvement projects. This role spans fault finding, upgrades, new deployments, and delivery of validation and lifecycle documentation in a cGMP environment. Responsibilities Deploy, maintain, and optimise site Automation systems with a focus on DeltaV (Batch essential; DeltaV Live desirable). Provide front line support to Process Owners: diagnose, troubleshoot, and resolve automation issues to maximise system availability. Deliver small projects and CI initiatives, including change controls and validation/qualification deliverables. Prepare and review technical proposals, scope and cost estimates, and resource plans for process control work. Create/update lifecycle documentation: SOPs, periodic reviews, maintenance plans; sustain validated status for GMP systems. Support data capture and integration to third party systems; collaborate across SCADA/PLC/HMI/DCS, control networks, and field instrumentation. Qualifications HND or equivalent (e.g., time served apprenticeship) in EC&I and 7+ years in Pharmaceutical, Biopharmaceutical, or Control System Delivery for Life Sciences. Expert in DeltaV software design, development, hardware integration, and DeltaV Batch configuration. cGMP experience; strong understanding of validation in regulated environments. Solid OT architecture knowledge and industrial protocols (OPC, MODBUS, Profibus/Profinet, Foundation Fieldbus). Benefits Competitive salary, with 35 days holiday (not including Public Holidays). Annual incentive plan. Up earn up to 21% on your pension. Equal Opportunity We are committed to equal opportunities in hiring, promotion, compensation, benefits, and training-regardless of nationality, age, gender, sexual orientation or gender identity, race, ethnicity, religion, political creed, ideology, national or social origin, disability, or veteran status.
Title: Automation Engineer - Emerson DeltaV Location: Billingham, UK Overview We're looking for an Automation Engineer with deep Emerson DeltaV expertise to support, enhance, and expand our site Automation systems. You'll act as a hands on SME-maximizing uptime, resolving issues for Process Owners, and contributing to CAPEX and continuous improvement projects. This role spans fault finding, upgrades, new deployments, and delivery of validation and lifecycle documentation in a cGMP environment. Responsibilities Deploy, maintain, and optimise site Automation systems with a focus on DeltaV (Batch essential; DeltaV Live desirable). Provide front line support to Process Owners: diagnose, troubleshoot, and resolve automation issues to maximise system availability. Deliver small projects and CI initiatives, including change controls and validation/qualification deliverables. Prepare and review technical proposals, scope and cost estimates, and resource plans for process control work. Create/update lifecycle documentation: SOPs, periodic reviews, maintenance plans; sustain validated status for GMP systems. Support data capture and integration to third party systems; collaborate across SCADA/PLC/HMI/DCS, control networks, and field instrumentation. Qualifications HND or equivalent (e.g., time served apprenticeship) in EC&I and 7+ years in Pharmaceutical, Biopharmaceutical, or Control System Delivery for Life Sciences. Expert in DeltaV software design, development, hardware integration, and DeltaV Batch configuration. cGMP experience; strong understanding of validation in regulated environments. Solid OT architecture knowledge and industrial protocols (OPC, MODBUS, Profibus/Profinet, Foundation Fieldbus). Benefits Competitive salary, with 35 days holiday (not including Public Holidays). Annual incentive plan. Up earn up to 21% on your pension. Equal Opportunity We are committed to equal opportunities in hiring, promotion, compensation, benefits, and training-regardless of nationality, age, gender, sexual orientation or gender identity, race, ethnicity, religion, political creed, ideology, national or social origin, disability, or veteran status.