Information Security Manager



Information Security Manager New Jersey, NJ

Title: Information Security Manager

Job Type: Permanent

Primary Location: Multiple Locations (New Jersey, New York, Pennsylvania, Massachusetts, Maryland)

The Challenge:

Our client is seeking applicants for the position of Manager-Information Security Centre of Excellence to join their US office and act as a Business Information Security Officer (BISO) for assigned client accounts / domains reporting to the Director of Information Security CoE.

Role and Responsibilities:

  • Work closely with Business, Client (as applicable), Information Security, IT and Project teams for thorough understanding of business and client security requirements and coordinate secure business enabling solutions.
  • Build and maintain effective relationship with Business, Client, IT and Information Security stakeholders. Be the voice of Information Security for business teams & clients and the voice of the business & clients within Information Security.
  • Own and communicate the account level roadmap for Information security aligned with the client’s risk appetite and overall Information Security roadmap, identifying and resolving applicable implementation level risks and issues.
  • Facilitate planning, introduction, delivery of account level Information Security support and initiatives, like:
  • Coordinate internal and client required compliance activities, security audits, point services like 3rd party vulnerability assessments, client’s security questionnaires, etc.
  • Drive security capability / maturity improvement, security awareness and education
  • Secure architecture design and implementation of processes
  • Contribute to cyber resilience strategy and response (as applicable)
  • Ensure that the client’s and its client’s security policy compliance is appropriate managed within assigned domain / account
  • Share knowledge and expertise of in-country (or regional) cybersecurity policy and regulatory environment with key stakeholders and clients
  • Support the broader Information Security team in maintaining cybersecurity hygiene and seek opportunities to enhance and improve security of Information involved in assigned domain and/or account.
  • Provide senior account and organizational leadership with accurate assessments of our security posture and progress on industry standard frameworks on an ongoing basis.
  • Educate stakeholders on cybersecurity-related matters in an effort to increase awareness and improve culture


Essential skills and requirements:

  • 10+ years in a similar role in a large international organization
  • Proven experience working in risk management, governance, and regulatory requirements related to cybersecurity with a specific focus on business outcomes and service delivery.
  • Confident, energetic self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concepts
  • Ability to bring key stakeholders together to rapidly and collaboratively achieve consensus on priorities and path forward to work tasks and projects
  • Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
  • A good understanding of Security frameworks including NIST, SANs, COBIT, CIS, ISO 27001, etc. Familiarity with US, Global healthcare and pharma specific data, cybersecurity regulatory requirements.
  • Proven work experience with multinational enterprises.
  • Bachelor’s degree in a related discipline and professional certification (CISSP, CPA, CIA, CISA, CISM, CRISC or similar)


Preferred Qualifications (Desired Skills/Experience):

  • Work experience with Healthcare and Pharma organization involving IT and Security functions.
  • Knowledge and experienced working with security frameworks, assessments
  • Familiarity with security controls and services on endpoint devices, in-house and commercial applications, Window and Linux servers, and infrastructure network devices
  • Effective analytical skills with an ability to identify and resolve issues
  • Tolerant of ambiguity and the flexibility to work well in a dynamic environment
  • High attention to detail, self-starter, results driven
  • CISSP, Security+ or other cybersecurity certifications
  • Project management, team lead experience
  • Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS)


Tagged as: Information Security Manager