IGM Security Manager
Graduate job East Hanover (Morris County) Design / Civil engineering / Industrial engineering
Job description
Job Description
East Hanover, NJ or Fort Worth, TX.
Role Purpose:
• Deliver IT Security services to the Novartis Organization to help ensure that information and IT systems are adequately protected against unauthorized disclosure (confidentiality), unauthorized alteration (integrity), unavailability (availability) and non-compliance with Novartis Standards, Procedures and Baselines.
• Proactively work with Country Leadership Team(s) and business stakeholders to consult and guide in the implementation of and compliance with the IGM (Information Governance and Management) Policy Framework in terms of IT Security.
• Provide general IT Security advice, consultancy and expertise to Country IGM Leadership
• Ensures usage of the IT security methodology and tools provided by Global IGM.
• Support and coordinate vulnerability management and remediation of vulnerabilities reported via the SOC (Security Operation Center).
• Support and where needed coordinate in the remediation of IT Security gaps after assessments, audits or other activities that identified a control gap.
• Ensure IT security controls are implemented and develops IT security plans in line with IGM Policy Framework.
• Participate in IT security remediation activities and reviews arising from IT security incidents.
• Provide IT security requirements for the development of new IT Systems.
• Evaluate and manage IT security related risks and business risk acceptance.
• Manage and report information and IT risks within the Country.
Key Performance Indicators:
• Ability to correctly present IT security risks to the Country IGM Head, IT & Business stakeholder.
• The level to which IT security incidents that occurred during the year that were totally unpredicted or unexpected.
• Outcome of internal and external audit findings (audit reports) and IGM Control Maturity assessments on a Country level.
• Ability to work effectively in a global, cross-organizational and cross-cultural team.
EEO Statement
The Novartis Group of Companies are Equal Opportunity Employers and take pride in maintaining a diverse environment. We do not discriminate in recruitment, hiring, training, promotion or any other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, marital or veteran status, disability, or any other legally protected status.
Desired profile
Essential:
• University bachelor or master level degree in a technical area or comparable education/experience
• At least 2 years of professional experience in a similar or related role.
• Fluency (written and spoken) in English
Desirable:
• Experienced IT Compliance Professional, IT Auditor, Chief Information Security Officer or Information Risk Manager.
• Experience in IT security advisory or vulnerability management.
• Professional information security certification, such as CISSP, CISM, ISO 27001, CSA/LPT, GPEN, GSEC, etc.
• Understanding of general privacy requirements in an IT security context.
• Experience with IT security tools
Professional Competencies:
• Working style: High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
• Collaboration: Strong ability to handle competing priorities, and seeking consensus when parties have different or even contradicting opinions. Is perceived as a team player.
• Customer Focus: Strong customer focus is required. Customer focus includes both a focus on the Country IT and Country business organization.
• Results Focus: Must be able to drive IGM projects and related activities through the Country organization.
•Communication: Must be able to present and train teams effectively. Excellent written and verbal communication skills; interpersonal and collaborative skills.
.