ICON Clinical Research

Information Security Manager

Location
Dublin
Salary
Competitive
Posted
22 Feb 2021
Closes
24 Mar 2021
Ref
JR070624
Discipline
Operations, Security
Hours
Full Time
Contract Type
Permanent
Experience Level
Experienced (non-manager)
Job Title: Information Security Manager

Location: Dublin 18

At ICON, it's our people that set us apart.

As a global provider of drug development solutions, our work is serious business. But that doesn't mean you can't have fun while you do it. With our vision to be the partner of choice in drug development, we hire only the best and brightest in the industry! Are you one of them?

At ICON, we have an incredible opportunity for an Information Security Manager to join the team in our Leopardstown, Dublin 18 location.

ICONs mission is to help our customers accelerate the development of drugs and devices that save lives and improve the quality of life. Icon is seeking to hire a Cyber & Information Security manager to join their Global security team. The Cyber & Information Security Manager will have the ability to identify security risks, liaise with business stakeholders to clearly communicate and treat those risks, deliver key initiatives as part of the security programme and ensure compliance with ICON security standards. The successful candidate will play a crucial role in ICON's security program and is expected provide guidance and expertise to team members and business stakeholders as well as contributing to shaping the Information Security program and budget.

The Role:

Reporting to the Head of Security, the successful candidate will be responsible for the following:
  • You will support implementation of security culture and embedding of security controls into business change and BAU processes
  • Defining security requirements customised to specific business projects and objectives
  • Delivery of internal Cyber Security projects on time, on budget and in line with security standards
  • Responsible for Cyber Security Signoff and the associated closeout / Risk Management documentation to be presented to upper management
  • Proven track record to drive high security standards across an organisation
  • Contribute to Information Security strategy
  • Management of third party vendors supporting ICON business projects
  • Support MAD (Mergers, acquisitions & Divestment) activities.
  • Act as an escalation point for Level 1&2 analysts as required.
  • Continuously improve ICON's cyber detection and response capability
  • Solid Understanding of computer and network forensics.
  • Ability to work within a multi-disciplinary team.
  • Approve/Reject security requests within ticketing system based on risk assessment and Information security policy alignment.
  • When required work to resolve vulnerabilities that are identified from vulnerability scans, penetration tests and other security assessments on ICON Plc infrastructure.
  • Always ensuring compliance with ICON Plc Information Security policies and hardening standards.
  • Ensure that defined security models are adhered to on an on-going basis.
  • Ability to relate technical issues to non-technical associates / business owners
  • Demonstrate a strong awareness of the current threat landscape.
  • Solid vendor management experience, proven experience managing complex integration issues across multiple vendors.
  • Change management and information security risk & governance experience
  • Occasional travel may be required
  • Other functions as assigned by ICON Plc Head of Information Security

Skills & Experience

The successful candidate will have experience of operating in a technically complex, fast changing and dynamic environment. Working as part of a global security team the senior information security manager must be a proven self-starter, have excellent organisational and communications skills. The ideal candidate will have a genuine passion for Information Security and have the ability to maintain composure in pressure situations. A solid understanding in the following areas is a must:
  • NIST cybersecurity framework
  • MITRE ATT&CK Framework
  • Solid understanding of SOAR
  • Solid understanding of vulnerability management
  • Information Security Standards
  • Strong knowledge of Operating systems
  • Application layer attacks
  • Strong understanding of Encryption Protocols
  • Strong understanding of Network Security
  • Strong knowledge of Mobile Security
  • Experience of network-based User Behavior Analytics
  • Strong understanding of Layered Security
  • Strong Knowledge of Cloud Architecture
  • Proven Problem Solving Skills

Qualifications
  • At least 7-10 years in a security related role
  • Bachelor's degree in computer science, programming, or other related program is desired
  • Significant experience with risk management methodologies, industry standards, managing an Information Security Management System (ISMS) and delivering key aspects of a security program in a regulated environment.
  • Certifications: Relevant certs e.g. (ISC)2 CISSP, ISACA CISM/CISA/CRISC, SANS GIAC(distinct advantage), ISO27k LA/LI
  • Presented on security topics at security conferences
  • Familiar with the laws, regulations, industry standards and guidance pertaining to Data Protection and Information Security

#LI-CW1