Apply on Employer Site

Harmony Biosciences · 2 weeks ago

Associate Director, Information Technology Security

Plymouth Meeting, PA

Full-time

Onsite

Lead/Staff, Director/Executive

8+ years exp

Harmony Biosciences is recruiting for an Associate Director, IT Security. This role is an operational and hands-on role to design, configure, maintain and manage Harmony Bioscience’s Cyber Security programs, including coordinating the Information Security solutions, strategic planning, and budgetary aspects of Harmony Biosciences' global information security program.

BiopharmaBiotechnologyHealth Care

Hiring Manager

Ellen Mancino

Responsibilities

Manage security projects and provide expert guidance on security matters for other IT projects; design, coordinate, and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks

Coordinate, measure, and report on the technical aspects of security project management; maintain a knowledgebase comprising a technical reference library and operational documentation for new security controls & services

Partner with Governance, Risk, & Compliance leaders to ensure that identified risks, vulnerabilities, and threats are mitigated within company risk tolerance in a timely manner

Work with the IT Infrastructure team to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and other information system components

Work with the CIO, IT, and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program

Work with the CIO, IT, and business stakeholders to manage table top exercises

Work as a liaison with cybersecurity and IT vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements

Continuously improve the global security program and security projects that address identified risks and business security requirements, including Data Privacy and follow laws such as GDPR, HIPAA, etc

Act as an empowered representative of Harmony’s IT Security team during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans

Aid in the review and update of documentation for Harmony’s security policies and procedures

Actively participate in developing the goals, strategy, and methodologies of Harmony’s cyber program in alignment with the overall Information Security program strategy

Research, evaluate, implement, and manage applications, services, and controls for use by Harmony within the security architecture

Assist with the deployment and upkeep of the information security department’s website content as part of the IT intranet site

Assist setting up cloud applications, services, networks, and servers as required

List compliance tasks against accepted security controls by partnering with the Compliance team

Organize stakeholder meetings and program reviews to collect feedback and directional guidance

Strategize and define data security controls, risks, mitigation based on data classification and socialize and align with the business

Create, update, and impart security training content on a quarterly basis to Harmony company employees as well as external contractors

Align with the CIO and deliver on policies pertaining to Pen tests, Governance, managing vulnerabilities

Partner with the legal team to initiate and manage vendor contracts for Security related vendors

Qualification

Microsoft EntraMicrosoft ExchangeCybersecurity CertificationData PrivacyMicrosoft Identity ArchitectureMicrosoft Security ArchitectureCommunication skillsTeam collaboration