
 

At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where ‘Health for all, Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.

 

Cyber Security Engineer 

 

POSITION PURPOSE:

This role is responsible for managing, operating, and maintaining the controls that protect Bayer’s computer networks, systems and data from cyberattacks. They work closely with IT teams to identify, assess and mitigate security risks, and they work with ITSM to ensure operational continuity and with cyber incident response to contain the damage from security incidents and prevent future attacks.

 

YOUR TASKS AND RESPONSIBILITIES:

  • Governance and policy: Govern CI compliance and run regular risk/posture reviews aligned to ISO 27001, NIST CSF/800-53, CIS, SOX, HIPAA, and PCI DSS.
  • Enforce asset policies and control objectives (inventory, configuration, patching, licensing, encryption, data handling); govern enterprise endpoint/security controls across workstation, data center, cloud, and mobile per CSF.
  • Configuration baselines and hardening: Define approved configurations and baselines per asset class using CIS/NIST and vendor guidance. Enforce baseline adherence via configuration management tools; track and remediate drift. Govern golden images and standard build processes; control local admin privileges and services.
  • Patch and vulnerability compliance: Own patch/vulnerability SLAs and maintenance windows; drive scanning/remediation, risk thresholds, and escalations; report posture by asset, Business Unit, and environment.
  • Access control and identity hygiene: Enforce least-privilege and privileged access hygiene (MFA, device/posture checks); audit and rotate local, service, and SSH credentials.
  • Cloud and container asset compliance: Codify cloud/container compliance (tagging/ownership, policy-as-code: OPA/AWS Config/Azure Policy); validate CIS benchmarks, require SBOMs and image scanning, and block noncompliant images.
  • Exception management: Operate exception management with risk acceptance, compensating controls, and expirations.
  • Monitoring, reporting, and metrics: Build dashboards for asset coverage, baseline compliance, patch/vulnerability SLAs, encryption status, and license adherence; design and measure coverage and effectiveness metrics for security controls to identify gaps and risks; provide monthly/quarterly compliance reports for Security/IT leadership and executive/regulatory audiences in a senior-leadership–consumable format; and alert on critical drifts, missing telemetry, or non-reporting assets, driving remediation.
  • Evaluate tools via RFPs/POCs for CSF-aligned control effectiveness.
  • Maintain SOPs, change procedures, and training; brief leadership and enable global teams through knowledge transfer and training.
  • Design, build, and maintain AI agents to automate workflows via APIs with reliability, security, and observability.
  • Participate in remote on-call support as needed.

 

WHO YOU ARE:

  • Bachelor’s degree in a relevant field (e.g., Computer Science, Cybersecurity, IT) or 3+ years of equivalent IT experience.
  • 3+ years in IT Security Engineering & Security Operations, or a related field, with a focus on designing, implementing, and managing security controls in a global enterprise environment.
  • Desired, but not required: Certified Information Systems Security Professional (CISSP).
  • Hands-on experience with endpoint, data center, and mobile security; securing cloud endpoints across multi-cloud (tool selection, deployment, operations).
  • Experience with visualizing KPIs and data flows for CI compliance dashboards.
  • Base knowledge of security controls at scale; policy/standard development and enforcement.
  • Experience with cyber security tools and techniques to automate security tasks, streamline incident response, and enhance overall security posture.
  • Experience with relevant security standards and regulations that apply, such as PCI DSS and HIPAA. They should be able to assess compliance requirements and implement necessary controls to ensure adherence to these standards.

 

Ever feel burnt out by bureaucracy? Us too. That's why we're changing the way we work, for higher productivity, faster innovation, and better results. We call it Dynamic Shared Ownership (DSO). Learn more about what DSO will mean for you in your new role here:

https://www.bayer.com/enfstrategyfstrategy

Bayer does not charge any fees whatsoever for the recruitment process. Please do not entertain any such demand for payment by any individuals / entities in connection with recruitment with any Bayer Group entity(ies) worldwide under any pretext.

Please don’t rely upon any unsolicited email from email addresses not ending with domain name “bayer.com” or job advertisements referring you to an email address that does not end with “bayer.com”. For checking the authenticity of such emails or advertisement you may approach us at HROP_INDIA@BAYER.COM.

   
YOUR APPLICATION  
   

Bayer is an equal opportunity employer that strongly values fairness and respect at work. We welcome applications from all individuals, regardless of race, religion, gender, age, physical characteristics, disability, sexual orientation etc. We are committed to treating all applicants fairly and avoiding discrimination.

 

 
   
Location: India : Karnataka : Bangalore     
Division: Enabling Functions    
Reference Code: 874230     
 
 
Contact Us
 
+ 022-25311234


Job Segment: Cyber Security, Data Center, Compliance, Engineer, Security, Technology, Legal, Engineering
