- Governance, Risk, and Compliance (GRC): Lead the development and implementation of robust information security policies, procedures, and controls to ensure compliance with industry standards and regulations.
- Risk Management: Identify, assess, and mitigate information security risks across all facets of our business operations, with a focus on safeguarding sensitive data and intellectual property.
- Security Operations: Oversee the day-to-day management of security systems and protocols, including incident response, threat detection, and vulnerability management.
- Security Awareness: Develop and deliver comprehensive training programs to promote a culture of security awareness and best practices among employees.
- Vendor Management: Collaborate with third-party vendors and partners to assess security risks and ensure compliance throughout the supply chain.
- Regulatory Compliance: Stay abreast of evolving regulatory requirements and industry trends, ensuring our organisation remains ahead of the curve in terms of compliance readiness.
- Bachelor’s degree in Information Security, Computer Science, or a related field (Master's degree preferred).
- Proven experience in information security management, preferably within the pharmaceutical or healthcare industry.
- In-depth knowledge of relevant regulatory frameworks, such as ISO, GDPR, HIPAA, and FDA regulations.
- Strong understanding of security technologies and methodologies, including encryption, access control, and intrusion detection systems.
- Excellent communication and leadership skills, with the ability to collaborate effectively across diverse teams and stakeholders.
- Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
- You must be within a commutable distance of Cambridge to adhere to their hybrid working policy of 2 days per week onsite.
- A willingness to travel internationally on occasion would be beneficial.