Executive Director, Global Head of Cybersecurity and IT Risk Management
Kyowa Kirin is a fast-growing global specialty pharmaceutical company that applies state-of-the-art biotechnologies to discover and deliver novel medicines in four disease areas: bone and mineral; intractable hematologic; hematology oncology; and rare disease. A Japan-based company, our goal is to make people smile by delivering breakthroughs where no adequate treatments currently exist, working from drug discovery to product development and commercialization. In North America, we are headquartered in Princeton, NJ, with offices in California, Massachusetts, and Ontario.
The Executive Director, Global Head of Cybersecurity and IT Risk Management is responsible for protecting the network and attached systems against internal and external threats, both physical and in cyber space. This position ensures security devices are properly configured and fit for purpose and will play a key role as one of the global ICT leadership members working with global stakeholders including CSR, region/function key stakeholders, and external security vendors to ensure computer services, systems, and practices contribute to overall data and network security. Further, this position will ensure monitoring and analysis practices are in place to help ensure IT security issues are identified and mitigated.
Essential Functions
- Implement and monitor security measures for the protection of computer systems, networks, and data.
- Develop an operating model with clear goals, metrics, and an analysis of organizational challenges to drive maturity improvements.
- Develop strategy and governance for the implementation and use of Artificial Intelligence (AI).
- Establish/maintain the management framework by collaborating with related stakeholders inside and outside of the ICT function.
- Monitor and analyze network traffic.
- Identify and define system security requirements.
- Design computer security architecture and develop detailed cybersecurity designs.
- Prepare and document standard operating procedures (SOP) and protocols for security best practices.
- Configure and troubleshoot security infrastructure devices.
- Develop technical solutions and security tools to mitigate vulnerabilities.
- Write comprehensive reports on assessment findings and propositions for security enhancements.
- Collaborate with global teams on security initiatives.
- Manage the Third Party Risk Management security program.
- Dedicate resources for network threat detection and response.
- Implement controls to reduce IT risks in cloud and co-location environments.
- Support the implementation of Information Security Programs and advise on Active Directory best practices.
- Evaluate and recommend end-point best practices and systems.
- Manage vulnerabilities of IT systems and execute the incident response plan, playing a key role as Incident Commander.
- Actively participate at global and regional levels to ensure IT security meets business objectives.
- Maintain high security capabilities in threat mitigation, detection, and response across all IT systems, including third-party vendors.
- Perform vendor security audits and screenings as needed.
- Provide performance information of team members to regional ICT heads for personnel evaluation.
Education
Bachelor’s degree in Security Engineering or related field required; Master’s degree in Information Technology, security, or any other related technical or data science field is preferred; One or more certifications such as a CISSP, CISA, CISM or equivalent is desired.
Experience
At least 12 years of security industry experience; Proven work experience as a director/manager in one of the security function areas: Security operations, incident response, governance, risk, and compliance with a working knowledge of the NIST CSF 2.0 framework; Experience in building and maintaining security systems; Detailed technical knowledge of database and operating system security; Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.; Experience with network security and networking technologies and with system, security, and network monitoring tools; Thorough understanding of the latest security principles, techniques, and protocols.
Technical Skills
Proficient in MS Office Suite; Experience or knowledge of cloud services such as AWS/MS Azure, etc.
Non-Technical Skills
Problem-solving skills and ability to work under pressure; Business and strategic acumen and ability to manage expanding levels of complexity; Fluent in English; Excellent verbal and written communication skills and executive presence; Broad level of interpersonal skills and flexibility; Cultural sensitivity and ability to develop consensus within a multinational organization.
#J-18808-Ljbffr
