Director of Governance, Risk, Compliance, Insider Threat, and CSV Programs (remote/virtual)
Company: Emergent BioSolutions
Location: Canton
Posted on: January 24, 2023
Job Description:
Those who join Emergent BioSolutions feel a sense of ownership
about their future. You will excel in an environment characterized
by respect, innovation and growth opportunities. Here, you will
join passionate professionals who advance their scientific,
technical and professional skills to develop products designed to
protect life.
Job Summary
The Director of Governance, Risk,
Compliance, Insider Threat, and CSV Programs is the process owner
of all Emergent IT Computer System Validation, Vendor Risk
Management, Insider Threat, Security Awareness & Training, and
Policy & Maintenance Programs administration. S/He will provide
thought leadership, direct, evangelize, and oversee the development
of the programs' roadmap and creation of and reporting on metrics
for roadmap milestones, including the implementation of controls,
development of metrics, and planning, driving, and ensuring
completion of key activities within these programs. In addition,
s/he will assure policy compliance with company, industry, and
regulatory requirements and audits (including Sarbanes-Oxley,
FISMA, CMMC, and 21Part11/GxP Computer Systems Validations). This
position will manage a team of security analysts, providing
leadership and mentorship. This is a remote/virtual position.
Essential Functions
Reasonable accommodations will be made to
enable individuals with disabilities to perform the essential
functions.
Governance, Risk, and Compliance
- Lead and implement controls to internally assess, evaluate and
make recommendations to senior management regarding the adequacy of
the security controls for the organization's information and
technology systems
- Partner with Technology leaders to facilitate compliance of
security controls with Emergent information systems regarding
Personally Identifiable Information (PII), FDA, FISMA, and other
applicable regulatory and contractual requirements, ensuring
effective security operations of Emergent systems, networks,
business partner agreements, and interconnections
- Coordinate and track all information technology and security
related audits including scope of audits, business units involved,
timelines, and outcomes
- Liaise with Internal Audit, maintaining excellent relationships
and providing transparency of Information Systems and Security
programs
Insider Threat
- Provide leadership and work in partnership with physical
security and other cross-functional teams in establishing the
Emergent Insider Threat Program
- Lead, develop, and maintain Insider Threat performance
measures, determining appropriate metrics, methodologies, tools,
and procedures
- Provide thought leadership to identify issues, develop
alternatives, provide recommendations, and implement decisions on
an ongoing basis for critical program issues
Security Awareness & Training
- Provide overall leadership for our security awareness and
education program
- Lead, develop, implement, and launch efforts to reduce risk to
our organization by ensuring all employees, staff and contractors
know, understand, and follow our security requirements and behave
in a secure manner
- Lead the identification of the top human risks to our
organization and the behaviors we need to change to mitigate those
risks
- Structure and maintain this program to be long term, so
ultimately, we are not changing just behaviors but culture.
- Create a metrics framework that can effectively measure these
requirements
IT Enterprise System Validation
- Lead the development of system requirements and specifications
to ensure that requirements are testable and that 21 CFR Part 11
requirements are met
- Lead and mentor the implementation teams in the proper
execution of validation documents
- Lead the development of CFR Part 11 computer systems validation
plans, qualifications test protocols, traceability matrices,
reports, IQ/OQ protocols and all documents, and deliverables within
the scope of the validation plan
- Direct, develop, implement, and maintain test plans, test
scripts and user acceptance tests and manage the execution of test
plans
IT Policy & Maintenance
- Lead the development and implementation of effective and
reasonable policies and practices to secure sensitive data and
ensure security and compliance with contracts, regulatory
requirements, and industry standards
- Provide thought leadership, develop, implement, and assure
successful implementation of security policies, standards and plans
to ensure the protection of corporate data against unauthorized
use, access, modification, and destruction
- Monitor compliance with information security policies and
procedures
- Direct and implement an effective dashboard to monitor compliance
with information security policies and procedures
The above
statements are intended to describe the nature of work performed by
those in this job and are not an exhaustive list of all duties.
Nothing in this job description restricts management's right to
assign or reassign duties and responsibilities to this job at any
time which reflects management's assignment of essential functions.
Education, Experience, & Skills
Education:
- Bachelor's degree required.
- Bachelor's degree in Business or Information Systems preferred.
Experience:
- At least 10 years of experience in the security field.
- At least 4 years of experience managing a security governance
team.
- Preferred, at least 2 years operating in a GxP environment or
with GxP Computer System Validation requirements
Knowledge:
- Must understand SOX, FISMA, CMM (Capability Maturity Model),
CMMC (Cybersecurity Maturity Model Certification), and SSAE 18 SOC
reports.
Skills:
- Must have written and managed updates to security policies and
procedures.
- Must have directly managed a team or teams of security
personnel.
Abilities:
- Demonstrated ability to own and manage security governance
functions.
- Demonstrated ability to manage third-party assessments
Per CDC
guidelines, Emergent strongly recommends that all employees working
on site are vaccinated to help ensure their safety, as well as the
safety of fellow employees. This includes the use of good judgment
when determining when the CDC guidelines advise that you stay home
when ill. There are physical/mental demands and work environment
characteristics that must be met by an individual to successfully
perform the essential functions of the job. This information is
available upon request from the candidate. Reasonable
accommodations may be made to enable individuals with disabilities
to perform all essential functions. Emergent BioSolutions is an
Equal Opportunity/Affirmative Action Employer and values the
diversity of our workforce. Emergent does not discriminate on the
basis of race, color, creed, religion, sex or gender (including
pregnancy, childbirth, and related medical conditions), gender
identity or gender expression (including transgender status),
sexual orientation, age, national origin, ancestry, citizenship
status, marital status, physical or mental disability, military
service or veteran status, genetic information or any other
characteristics protected by applicable federal, state or local
law. Information submitted will be used by Emergent BioSolutions
for activities related to your prospective employment. Emergent
BioSolutions respects your privacy and any use of the information
submitted will be subject to the terms of our Privacy Policy.
Emergent BioSolutions does not accept non-solicited resumes or
candidate submittals from search/recruiting agencies not already on
Emergent BioSolutions' approved agency list. Unsolicited resumes or
candidate information submitted to Emergent BioSolutions by
search/recruiting agencies not already on Emergent BioSolutions'
approved agency list shall become the property of Emergent
BioSolutions and if the candidate is subsequently hired by Emergent
BioSolutions, Emergent BioSolutions shall not owe any fee to the
submitting agency.
Keywords: Emergent BioSolutions, Jackson, Director of Governance, Risk, Compliance, Insider Threat, and CSV Programs (remote/virtual), Executive, Canton, Mississippi