Information Security Analyst

Company Description

About Eurofins

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and the environment safer, healthier and more sustainable. From the food you eat to the medicines you rely on, Eurofins works with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic and labelling is accurate. Eurofins is a global leader in food, environmental, pharmaceutical and cosmetic product testing and in agroscience CRO services. It is also one of the global independent market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, CDMO, advanced material sciences and in the support of clinical studies.

In over just 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a network of over 1,000 independent companies in 54 countries, operating 900 laboratories. Performing over 450 million tests every year, Eurofins offers a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products, as well as providing innovative clinical diagnostic testing services, as one of the leading global emerging players in specialised clinical diagnostics testing.

Eurofins is one of the fastest growing listed European companies with a listing on the French stock exchange since 1997. In FY 2021, Eurofins achieved a record revenue of over EUR 6.7 billion.

Eurofins IT Solutions India Pvt Ltd (EITSI) is a fully owned subsidiary of Eurofins and functions as a Global Software Delivery Center exclusively catering to Eurofins Global IT business needs. The code shipped out of EITSI impacts the global network of Eurofins labs and services.

The primary focus at EITSI is to develop the next generation LIMS (Lab Information Management system), Customer portals, e-commerce solutions, ERP/CRM system, Mobile Apps & other B2B platforms for various Eurofins Laboratories and businesses. Young and dynamic, we have a rich culture and we offer fulfilling careers.

Job Description

• Maintaining and improving the Information Security Management System (ISMS)
• Proactive and regular building of relationships across the lines of service to effectively deliver security activities on behalf of the global security and technology teams.
• Maintain, further develop and continually improve the Eurofins Genomics information security risk framework and ensure its ongoing effectiveness.
• Conducting and ensuring regular trainings, provision of information and advice of all employees, managers and third parties.
• Driving appropriate classification of company information and adequate handling.
• Conducting and supporting risk management activities (i.e. risk assessments, business impact analysis).
• Contribute to the reporting on the information security risk status to the Regional Information Security Officer, executive stakeholders and/or other relevant committees.
• Consult the departments and management on Information Risk Management and ISO 27001 standard implementation.
• Conduct periodic reviews, manage timelines to fulfil control requirements and provide stakeholders with routine status updates.
• Provide information security GRC consultancy to functional business teams..
• Ensure that requirements by IT Audit controls are met..
• Contribute to strategic Cyber Security projects.
• Contribute to enhancing the security training and awareness measures within Eurofins Genomics.
• Promote awareness and build relationships for managing information security risk management within Eurofins Genomics.
• Driving secure collaboration with and integration of business partners.
• Monitoring and controlling the effectiveness of InfoSec activities in projects and implemented measures.
• Driving usage of InfoSec processes and tools, including documentation.

QUALIFICATIONS AND EXPERIENCE REQUIRED:

• Minimum of 5- 8 years of professional in the field of Information Security and privacy.
• Deeper knowledge on all the control objectives and controls set out as per ISO IEC 27001:2017.
• Several successful implementation of the ISO 27001 standard with leadership role in the projects.
• Ability to assess the IT security implementation in an organization against the controls set out in ISO IEC 27001:2017.
• ISO 27001 Certification (Lead Implementor or Lead Auditor).
• Comprehensive knowledge about ISO 27001 standard.
• Knowledge of IT Risk management, ISO 27005, GDPR.
• Audit experience in the field of information security.
• Proven ability to offer high level support in an enterprise environment.
• Good Project management skills.
• Demonstrated experience across multiple information security domains preferred (e.g. IT, OT, IoT and products).
• Proactive, structured and independent way of working.
• Certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) are a plus.

Additional Skills which is a plus:

• Strong ability to cooperate and build processes in the field together with other teams and keen on being “hands-on” in solving existing process gaps.
• Strong analytical skills, able to perceive complexity and derive efficient solutions in the field accordingly.
• Very familiar with technical features of a DevSecOps environment in the Cloud or willing to learn.
• Knowledge on OECD, ICH, EU Annex 11, EU Annex 15, CFR part 11 guidelines for human and non-human directives.
• Strong interpersonal communication skills, including the ability to communicate effectively and build consensus with teams across organizational lines.
• Professional with a positive attitude and capable of contributing to a dynamic and team-oriented culture.

Qualifications

Academic degree in fields of Information Technology, Information Security or training with experience in the field of Internet security or a comparable qualification.

Additional Information

Personal Qualities:

· Excellent analytical and problem solving skills

· Excellent verbal and written communication skills

· Successful teamwork experience and demonstrated leadership abilities are required

· Proven ability to transfer knowledge and stay aware of current trends and technical advancements

· Ability to articulate and present different points-of-views on various technologies