Information Security Risk Manager
Lisbon, Portugal
IQVIA
Solutions to help life sciences organizations drive healthcare forward and get the right treatments to patients, faster.Job Overview
The Information Security Risk Manager is a crucial role within IQVIA organization, responsible for helping to establish and maintain IQVIA's risk management program, which is designed to ensure that the company's IT systems and information assets are adequately protected.
The individual in this position will be responsible for identifying and evaluating on information security risks in a manner that meets IQVIA's regulatory and other compliance requirements.
The individual will proactively engage the various clients, business units and other internal departments and organisations to implement practices that meet IQVIA's defined policies and standards for information risk management.
A successful candidate will demonstrate an ability to work independently and in an organised manner. They will communicate very effectively, manage their workload independently and coach others to success. They will demonstrate strong technical ability and experience, as well as diplomacy and the ability to work calmly under pressure.
Essential Responsibilities
- Plans, executes and conducts ongoing risk assessment, self-assessment and reviews of various operations, including assessing risks, determining scope, executing test procedures, reporting results and making recommendations for improvement.
- Evaluates compliance with legal, regulatory, operational and IT policies and procedures, and partners with stakeholders to develop sustainable remediation plans to compliance issues and control gaps, and actively drives issues and risks to closure.
- Works with others to help identify advanced security risks and exposures, determine the causes of security non-compliances, designs and recommends solutions to prevent and mitigate future incidents. This will include identifying applications of functional knowledge and existing methodologies to highly complex problems.
- Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Evolves the risk monitoring program to identify opportunities for enhancements and manages the risk exception process.
- Partners with the technology organization to implement and maintain IQVIA's integrated control framework, which includes requirements from NIST CSF, COBIT, HIPAA, etc.
Qualifications
- Bachelor's Degree Computer Science, a related field, or equivalent experience
- Equivalent work experience may substitute for degree
- 3 years of related work experience
- CISSP - Certified Information Systems Security Professional
- Certified Information Security Manager
- Certified in Risk and Information Security Controls
IQVIA is a leading global provider of advanced analytics, technology solutions and clinical research services to the life sciences industry. We believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world. Learn more at https://jobs.iqvia.com
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Audits CISSP COBIT Compliance Computer Science HIPAA Monitoring NIST Risk assessment Risk management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open Risk assessment-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs