Sr Manager, IT Security

Horizon Pharma   •  

Lake Forest, IL

Industry: Pharmaceuticals & Biotech

  •  

8 - 10 years

Posted 162 days ago

This job is no longer available.

Responsibilities:

  • Based on analysis of business requirements and strategies, determine corporate information security requirements and develop security standards, policies, and procedures
  • Research existing and proposed systems and applications (both in-house and SaaS/hosted) to ensure compliance to corporate information security standards, remediating where necessary
  • Plan, implement, and test enterprise-wide security systems
  • Own identity management services within the organization, including Active Directory and SSO federation
  • Continually look for security design gaps, recommending changes or enhancements to remediate
  • Working closely with the systems engineering team, implement, test, and monitor:
    • Networked communication security (Internet security, PKI, VPN)
    • Email message hygiene systems (spam, virus, and social engineering attack prevention)
    • Firewall security standards (including access lists, cryptography, and packet inspection)
    • Intrusion detection and prevention (IDS/IPS)
    • Electronic data ownership and access authorization
    • Active Directory account reviews
  • Working closely with the client systems team, implement, test, and monitor:
    • Secure mobile device management (MDM)
    • Client systems security software (virus/malware prevention, detection, and remediation)
    • Password policy refinement and enforcement
    • Client device data encryption
  • Take ownership of information security incidents to ensure proper remediation and communication occurs
  • Ensure security architecture is compliant with regulations and governance, including: Sarbanes-Oxley, data privacy requirements, and state/federal regulations
  • Lead participation efforts for regular security audits (both self-audits as well as third party external audits)
  • Keep current on new security technologies and integrate into security architecture design where appropriate
  • Manage time efficiently in order to multitask project activity alongside daily operational tasks
  • Interface with Horizon partners, consultants, and vendors to implement solutions

Qualifications and Skills Required:

  • Bachelor’s degree required
  • 7+ years of progressive experience in an information technology role required
  • 3+ years of experience in an IT security focused role required
  • Knowledge of security architecture principals for a global IT environment with both in-house and hosted/SaaS systems and solutions
  • Industry certifications (Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA)) preferred
  • Hands-on experience and/or capability working with the following technologies and skillsets:
    • Identity management (Active Directory, single-sign-on)
    • Network security (firewalls, ACLs, IDS/IPS, SSL/TLS)
    • Cryptography (SSL, TLS, PKI)
    • Microsoft server stack (Windows Server, file services, etc.)
    • Electronic mail hygiene (spam filtering, virus filtering)
    • Client systems stack (Windows OS, MDM, anti-virus, anti-malware, etc.)
  • Foundational understanding of:
    • Network and communication protocol concepts
    • Systems administration and engineering practices
    • Risk management frameworks
    • Application development methodologies
  • Expertise in identifying emerging technologies and security threats
  • Experience in security policy development, enforcement, and audit response
  • Previous experience and a regulated environment (SOX, HIPAA, PCI, etc.) is preferred
  • Previous experience in a biotechnology or pharmaceutical environment is preferred
  • Up to 5% travel

Horizon Core Values & Competencies:

Growth

  • Manages Ambiguity
  • Strategic Mindset
  • Demonstrates Self-awareness
  • Cultivates Innovation
  • Develops Talent

Accountability

  • Drives Results
  • Ensures Accountability
  • Decision Quality

Transparency

  • Courage
  • Collaboration
  • Instills Trust

Horizon Pharma plc does not discriminate on the basis of race, color, religion, gender, sexual orientation, national origin, age, disability, veteran status, or any other characteristic protected by law. It is our intention that all qualified applications are given equal opportunity and that selection decisions be based on job-related factors. Any individual, who, because of a disability, needs accommodation or assistance in completing this application or at any time during the application process, should contact the Human Resources Department.

R0000839