Regeneron Pharmaceuticals – Tarrytown, New York
Director, Information Security
Reports To:
Vice President for Information Systems and Technology (VP IT).
Primary Functions
Under the direction of the VP, IT and VP, Chief Compliance Officer, development, delivery and oversight of an information security program that includes the establishment and maintaining of standards, procedures and guidelines to protect the Company's information assets stored on information systems and technologies at Regeneron and at vendor partner facilities. This role includes, but is not limited to the identification and remediation of potential or known exposures (accidental or intentional), that may cause serious financial and/or information loss to Regeneron, as well as establishing policy on the administration of systems and information ownership; information and data classification guidelines.
Specific Duties
1. Manage the information security function in accordance with the established policies and guidelines.
2. Works with Information Technology and Business owners and, under the authority of the VP IT, implements and maintains the Company-wide Information Security program, inclusive of outsourced systems.
3. Interact with Business Leadership to ensure that the Information Security Program addresses Business needs for protection of Intellectual Property and compliance with legislation.
4. Conduct the information security risk assessment and risk management program. Review and enforce compliance with the information security policy and associated procedures.
5. Coordinate information security efforts with other departments such as Internal Audit, Facilities Management and Office of Compliance.
6. Coordinate security orientation and security awareness programs.
7. Develop and manage contingency planning strategy
8. Provides guidance and direction for the physical and logical protection of Information resources to other functional departments
9. Establishes a reporting process to ensure that management is kept appraised of the effectiveness of Information Security and problem resolution.
10. Act as meeting facilitator for Information Security Governance Committee (ISG) meetings
11. Responsible for providing periodic updates on the status of information security including any security breaches that have occurred and the status of security projects, reviews, identified weaknesses and remediation efforts.
Supervisory Responsibilities:
Manage employees in the Information Security and contingency planning role. Provide oversight to other functional areas within IT to ensure compliance with IT security policy and procedures. Is accountable for the overall direction, coordination, and evaluation of these units. Carries out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems.
Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education and Experience:
Bachelor's degree from four-year college or university within area of assigned responsibility; and minimum 15 to 20 years experience in the information security field with at least 10 years in the pharmaceutical or Biotechnology industry.
Communication Skills:
Excellent oral and written skills. Ability to write reports, business correspondence, and procedure manuals. Confident in effectively presenting information and responding to questions from groups of managers, clients, and customers. Capacity to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Must have the dexterity to interact with peers to establish mutually beneficial strategies.
Certification:
Certification in Information Security or Audit mandatory. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred.
Computer Skills:
Knowledge of Information Technology/Security and its use to enhance business processes.
Contact: Tracey Siegel – Staffing Consultant – 914-785-3263 or tracey.siegel@regeneron.com
No comments:
Post a Comment