Manager, IT Security in Bernards, NJ at DSI

Date Posted: 4/14/2018

Job Description

Join a Legacy of Innovation 110 Years and Counting!

With over 100 years of scientific expertise and a presence in more than 20 countries, Daiichi Sankyo and its 15,000 employees around the world draw upon a rich legacy of innovation and a robust pipeline of promising new medicines to help people. In addition to a strong portfolio of medicines for hypertension and thrombotic disorders, under the Group’s 2025 Vision to become a “Global Pharma Innovator with a Competitive Advantage in Oncology,” Daiichi Sankyo research and development is primarily focused on bringing forth novel therapies in oncology, including immuno-oncology, with additional focus on new horizon areas, such as pain management, neurodegenerative diseases, heart and kidney diseases, and other rare diseases.

Job Summary

Daiichi Sankyo is currently seeking a Manager, IT Security to join our Basking Ridge, NJ location. The Manager, IT Security will operate and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.

Responsibilities

Translate Security Policies into the needed Security Controls and Services. Ensure proper controls and defenses against security breaches and vulnerability issues are in place. Ensure effectiveness of security solutions, including firewalls, anti-virus solutions, and intrusion detection systems, by conducting routine auditing of security controls.

Lead in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) per a recognized industry security framework.

Conduct Business Impact Assessments and vendor Security Assessments, and make risk-based recommendations regarding the security posture of applications and vendors. This includes the Disaster Recovery Program, by reviewing the RTO/RPO of key systems.

Coordinate the Incident Response process, including working with technical resources and vendors to gather information. Complete necessary documentation, and report findings to management. Recommend remediation strategies. Must have strong problem-solving and report-writing skills to support the incident response process.

Champion the Security Awareness program to educate the end user population about potential security risks and safe computing practices.

Continue to increase knowledge and expertise in the area of future technologies. This will enable the Manager, IT Security to provide the IS organization with ongoing insight into determining future security architecture (including technology purchases and enhancing operating and disaster recovery standards and procedures).

Qualifications

Successful candidates will be able to meet the qualifications below with or without a reasonable accommodation.

Availability to work after hours and during outages and other technical issues; must be willing to work around the clock to mitigate these issues – sometimes working 20-30 straight hours.

Travel - 5%; Ability to lift servers up to 50 lbs – 5%

Education/Experience

Qualified candidates will have a High School Degree; a Bachelor's Degree in Computer Science from an accredited college or university preferred; a minimum of 5 years of progressive technical and operational support experience required; Certified Information Systems Security Professional (CISSP) preferred.

Minimum of 3 years of experience with a broad range of exposure to InfoSec aspects, including security controls, baselines standards, general business planning, systems analysis, system development, maintenance, and application development

Minimum of 3 years of experience with information security, regulatory compliance and risk management concepts including managing a SIEM platform and 1 year of experience managing an SOC environment

Demonstrated comprehensive knowledge and understanding of information security principles, general and IT controls (e.g., access controls, risk management, change management), related security policies and procedures.

Exhibits knowledge of industry regulatory standards and accreditation requirements or control frameworks (HIPAA, PCI, NIST, Red Flags, ISO 27000 series).

Daiichi Sankyo, Inc., is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.