Information Security Analyst IV (CISA / CISSP / CISM) / Hybrid Work from Pioneer Data Systems
Raritan, NJ 08869
About the Job
Our client, a world-leading Pharmaceutical Company in Raritan, NJ, is currently looking for an Information Security Analyst IV (CISA / CISSP / CISM) to join their expanding team.
Position Details:
- Job Title: Information Security Analyst IV (CISA / CISSP / CISM) / Hybrid Work
- Duration: 12-month contract, extendable up to 24 months
- Location: Raritan, NJ
- Hybrid: 3 days/week onsite; can be flexible
Note:
- The client has the right to hire you as a permanent employee at any time during or after the end of the contract.
- You may participate in the company group medical insurance plan.
Job Description:
- Title - Application Security Manager
- We are seeking an Information Security and Compliance consultant with experience in providing security applications controls and assessments for pharmaceutical manufacturers located in Raritan, NJ.
- As a Cyber Security Analyst, this resource will work within the Information Security and Risk Management department, joining the team responsible for security consulting initiatives of Supply Chain, Make/OT and Deliver Platforms related application support.
- In this role, this resource will be responsible for security and controls throughout global projects related to Supply Chain applications including Car-t Cloud-based software controls, and continuous collaboration and follow-ups with the business partners.
Minimum Qualifications:
- Bachelor's Degree in Information Technology, Computer Science, or a related field
- Minimum 7 years of experience working with security and controls, consulting stakeholders throughout the application implementation process
- Broad knowledge of information security processes and principles is useful in explaining the business value of cybersecurity.
- Experienced in identifying and articulating issues/obstacles regarding application security issues
- Working knowledge of Web/Cloud-based software
- Familiarity with SOX compliance requirements
- Self-starter and proficient multitasker with excellent documentation, communication, and organizational skills
Preferred Knowledge, Skills and Abilities:
- Certified Information Systems Security Professional (CISSP), CISM, CISA, etc.
- Responsible for advancing cybersecurity of our Pharma systems, applications, and integrations across product lines and regions by identifying key risks and controls through security assessments
- Orchestrate and deliver cybersecurity risk assessments of Supply Chain projects, applications, and the technologies that run them while maintaining awareness of the changing threat landscape
- Understand and promote risk management activities associated with external regulations and internal policies such as IAPP, GxP, and GDPR
- Bridge the gap between traditional Information Technology (IT) and business functions by relating cyber threats and vulnerabilities to business imperatives and communicating them to key business leaders
- Actively advise, assess, and lead Business and IT stakeholders in the development of secure information systems and solutions in line with the organization's cybersecurity architecture, IAPP policies, and regulatory requirements.
- We maintain connections across peer groups to continuously understand emerging security solutions that are ground-breaking enablers for mitigating supply chain risk
- We constantly strive to shape the administrative controls for cybersecurity through advisory and assurance services
- Support compliance assessments on regulatory requirements (i.e., GxP or SOX)
- Make recommendations for application security including change, incident management, process enhancements, access management, and change management
- Consulting stakeholders about data classification and privacy, including data encryption and protection
- Ensures appropriate controls are implemented for Car-t Applications and coordinates alignment with Internal Audit and IT Compliance
- Provide metrics and reports on a weekly basis tracking the entire portfolio, application assessment status, and Risk Acceptance status.