Information Security Manager
Lisbon, Portugal
IQVIA
Solutions to help life sciences organizations drive healthcare forward and get the right treatments to patients, faster.Location: Portugal, Poland, Brazil
Work model: Hybrid (1-2 days per week in the office)
This is one of a key cybersecurity role within the global Information Security organization.
The individual fulfilling this Information Security Manager role in Vulnerability Management team will partner closely with IT professionals both within the core Global Information Security organization and those in the Global Business Units performing assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy and management.
RESPONSIBILITIES
- Delivering on a portfolio of tasks as part of Vulnerability Management Service
- Supporting the Vulnerability Management team in vulnerability scanning and other ad hoc testing, identifying and evaluating vulnerabilities in web applications and infrastructure
- Conducting comprehensive vulnerability assessments and continuous monitoring across IQVIA
- Apply IQVIA’s vulnerability ratings to externally rated vulnerabilities to help the business prioritize remediation
- Support the business lead vulnerability remediation activities
- Maintain an oversight of existing vulnerabilities in the IQVIA estate
- Develop and document operational procedures and metrics in relation to carried out activities
- Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
- Support audit efforts that identify technical and procedural findings, and provide recommended remediation strategies/solutions
- Collaborate with the business, technology teams and information security management to ensure that control deficiencies are registered and remediated
- Reporting regularly to management on the status of assigned activities including issues, risks and remediation actions.
- Support and laisse on penetration testing activities for business units
All responsibilities are essential job functions unless noted as nonessential (N).
REQUIRED KNOWLEDGE, SKILLS AND ABILITIES
- Information system security management, information security, troubleshooting, information systems, quality assurance and control, network security, cyber threat modeling
- Knowledge of computer networking concepts and protocols, and network security methodologies and OSI
- Knowledge of industry tools for security scanning and vulnerability management solutions (Qualys, Tenable Nessus or Nexpose)
- Working knowledge of enterprise IT and cloud technologies such as networking, server infrastructure, operating systems (MS Windows and Linux), web applications and databases
- Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
- Knowledge of IT processes (ITIL) in regulated environments
- Knowledge of ethical hacking principles and techniques, and Application Security Risks (eg. OWASP)
- Excellent written and verbal communication skills
- Effective organization and time management skills
- Ability to write with purpose, clarity and accuracy
- Ability to work both within a team environment and independently to initiate and prioritize tasks
- Ability to establish and maintain effective working relationships with coworkers and management in a global environment.
- Hands-on experience in security testing of web applications and infrastructure is a plus
- Know-how of scripting languages is a plus
- Experience in ServiceNow is a plus.
MINIMUM REQUIRED EDUCATION AND EXPERIENCE
- Candidate should have a minimum of 3 years Vulnerability Management experience or 5 years prior experience in information assurance, incident handling, vulnerability management and vulnerability analysis, and assistance programs
- Candidates should possess an Bachelor's degree in Computer science, cybersecurity, information technology, software engineering, information systems, computer engineering and preferably have experience within a regulated industry environment
- An ITIL or project management certificates are not required but beneficial.
- A relevant qualification: CompTIA Security, CASP+, CEH, GIAC (GSEC, GCED etc.), SSCP or similar is a plus.
IQVIA is a leading global provider of advanced analytics, technology solutions and clinical research services to the life sciences industry. We believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world. Learn more at https://jobs.iqvia.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Application security CASP+ CEH Cloud CompTIA Computer Science Encryption Ethical hacking GCED GIAC GSEC Intrusion detection ITIL Linux Monitoring Nessus Network security OWASP Pentesting Qualys Scripting SSCP Threat intelligence Vulnerabilities Vulnerability management Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs