Job was saved successfully.
Job was removed from Saved Jobs.

Job Details


Emergent Biosolutions

Sr Manager Risk and Compliance (Cybersecurity)

Pharmaceuticals

All

Full Time

On Site

No

San Diego, California, United States


Those who join Emergent BioSolutions feel a sense of ownership about their future. You will excel in an environment characterized by respect, innovation and growth opportunities. Here, you will join passionate professionals who advance their scientific, technical and professional skills to develop products designed-to protect life.

I. JOB SUMMARY

The Senior Manager of Risk and Compliance will be a member of Emergent’s Information Security Governance, Risk, and Compliance team and will oversee compliance and risk management processes as well as the security awareness training program. This position will report to the Director of Governance, Risk, and Compliance and will document policies and cybersecurity risks, support efforts to comply with company, industry, and regulatory cybersecurity requirements, and design and manage the security awareness training and communication. This position will be hands-on and require managing tasks across departments to satisfy our risk management and compliance processes.

This position may be full-time remote.

II. ESSENTIAL FUNCTIONS.

  • Own and manage the Risk Management process, including the assessment of risk, the documentation of exceptions, and the tracking of risk deadlines.
  • Manage the internal process to review products and services for risk level and appropriateness in the Emergent environment.
  • Provide audit support and responses for SOX, FISMA, NIST 800-171/53, NIST CSF, FDA, and CMMI assessments.
  • Design and manage the security awareness and training program, including simulated phishing campaigns and periodic company-wide communications.
  • Develop information security policies and review existing policies for updates.
  • Assist with the vulnerability management program to document the risks and plans of actions.
  • Perform as the security lead on business projects, as needed.
  • Assist in other GRC tasks as needed.

III. MINIMUM EDUCATION, EXPERIENCE, SKILLS

Education:

  • Bachelor’s Degree in Business or Information Systems, or equivalent experience.

Experience:

  • 5+ years in security, compliance, or risk management

Knowledge:

  • Must understand common information technology areas in network and computing, security control concepts, CMMI, risk management, phishing attacks, and audit flows.
  • Must be familiar with Sarbanes Oxley (SOX), SSAE 18 SOC reports (SOC1/2/3), FISMA, NIST 800-171, NIST 800-53, NIST CSF, FARS/DFARS, ITAR, and FDA audits.
  • Preferred familiarity with FDA 21 CFR Part 11.

Skills:

  • Must be able to author policy documents, provide business risk assessments, and communicate well with other teams.
  • Must be able to identify sensitive information, such as PII, PHI, Clinical Data, etc.

Abilities:

  • Demonstrated experience working across organizations to resolve conflicts
  • Demonstrated experience with organization-wide communications.
  • Demonstrated experience managing and documenting security risks.

[Register to View] .

Emergent BioSolutions does not accept non-solicited resumes or candidate submittals from search/recruiting agencies not already on Emergent BioSolutions’ approved agency list. Unsolicited resumes or candidate information submitted to Emergent BioSolutions by search/recruiting agencies not already on Emergent BioSolutions’ approved agency list shall become the property of Emergent BioSolutions and if the candidate is subsequently hired by Emergent BioSolutions, Emergent BioSolutions shall not owe any fee to the submitting agency.