Kyowa Kirin is a fast-growing global specialty pharmaceutical company that applies state-of-the-art biotechnologies to discover and deliver novel medicines in four disease areas: bone and mineral; intractable hematologic; hematology oncology; and rare disease. A Japan-based company, our goal is to make people smile by delivering breakthroughs where no adequate treatments currently exist, working from drug discovery to product development and commercialization. In North America, we are headquartered in Princeton, NJ, with offices in California, Massachusetts, and Ontario.
The Senior Director, Information Technology Security is responsible for protecting the network and attached systems against internal and external threats; physical and in cyber space. This position ensures security devices are properly configured and fit for purpose and will play a key role working with HQ based global teams and external security vendors ensuring computer services, systems and practices contribute to overall data and network security. Further, this position will ensure monitoring and analysis practices are in place to help ensure IT security issues are identified and mitigated.
Essential Functions:
- Managing NA IT cyber security risk aligning with both global direction and regional requirements.
- Implement and monitor security measures for the protection of computer systems, network and data.
- Responsible for network traffic monitoring.
- Identify and define system security.
- Design computer security architecture and develop detailed cyber security designs.
- Prepare and document standard operating procedures and protocols for security best practices.
- Configure and troubleshoot security infrastructure devices.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Work with global teams on security related initiatives.
- Responsible for conducting penetration testing.
- Responsible for managing Third Party Risk Management security program.
- Responsible for network threat detection.
- Responsible for implementation of controls to reduce IT risks in cloud and co-location environments.
- Responsible for supporting the implementation of Information Security Programs.
- Responsible for advising on Active Directory best security practices.
- Responsible for evaluating and recommending end-point best practices and systems.
- Responsible for Vulnerability management of IT systems.
- Responsible for reviewing, and executing the incident response plan; play key role on the incident response team.
- Responsible for developing relevant metrics, analyzing data, identifying trends and helping drive improvements to the control environment.
- Responsible for developing SOPs, in close collaboration with relevant areas, for NA IT to achieve strong governance in System Development and Operation, Asset Management, Strategy Development and Service and Asset Procurement.
- Actively participates in both the global and regional level to ensure IT security meets business objectives.
- Responsible for maintaining a high degree of security capabilities in threat mitigation, detection and response throughout all IT systems. Supports security initiatives in global systems and third-party vendors.
- Responsible for supporting other IT departments delivering on key initiatives.
- Perform vendor security audits and screenings as needed, based on best practices.
Education:
Bachelor's degree in security engineering or related field required. CISSP, CISA, CISM or equivalent certification required.
Experience:
At least 5 years of industry experience. Proven work experience as a System Security Engineer or Information Security Engineer - working knowledge of NIST framework. Experience in building and maintaining security systems. Detailed technical knowledge of database and operating system security. Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. Experience with network security and networking technologies and with system, security, and network monitoring tools. Thorough understanding of the latest security principles, techniques, and protocols.
Technical Skills:
Proficient in MS Office Suite.
Non-Technical Skills:
Problem-solving skills and ability to work under pressure. Business and strategic acumen and ability to manage expanding levels of complexity. Excellent verbal and written communication skills and executive presence. Broad level of interpersonal skills and flexibility. Cultural sensitivity and ability to develop consensus within a multinational organization.
KKNA and all of its employees have an obligation to act in accordance with the law and with integrity in all our operations and interactions.
It is the policy of Kyowa Kirin North America, Inc. to provide equal employment opportunity to all qualified persons without regard to race, religion, creed, color, pregnancy, sex, age, national origin, disability, genetic trait or predisposition, veteran status, marital status, sexual orientation or affection preference or citizenship status or any other category protected by law.
#J-18808-Ljbffr