Apply on Employer Site

Illumina · 1 month ago

Information Security Certification Program Manager, Sr Staff

US - California - San Diego

Full-time

Hybrid

Senior Level, Lead/Staff

$153K/yr - $229K/yr

12+ years exp

Illumina is a company focused on expanding access to genomic technology for health equity. The Sr. Staff Information Security Certifications Program Manager will lead the security certifications program, ensuring compliance and developing strategies to meet future business needs while collaborating with various teams to enhance the program's effectiveness.

BiotechnologyGeneticsHealth CareMedical

No H1B

Responsibilities

Drives Information Security Certification Program to maintain ISO, SOC2, HIPAA and C5 certifications for cloud-based Illumina Analytics products

Maintains security controls compliance within AuditBoard tool to ensure process and policy adherence

Develops future state strategy to meet changing business needs around Information Security Certification program

Defines, implements, and maintains annual recertification process for multiple security certifications

Oversees the security certification governance processes including audit readiness, continuous monitoring, periodic review and management reporting

Liaises with security engineering, operations and infrastructure teams to remediate control gaps

Communicates the status and accomplishments of overall certification program to executive leaders, peers in the IT organization, customers, and stakeholders

Responsible for guiding the IT Organization on security certification controls, audit readiness and training needs

Serves as certification program SME and represents organizational controls during internal and external audits

Ability to review customer attestation request or contracts for alignment with Illumina’s security posture

Aligns and contributes towards maturing Illumina’s security certification program

Advises IT, Business teams and internal GIS customers on security certifications scope, controls management and monitoring approach

Drive collaboration across teams, developing relationships with key leaders inside and outside of information Security to ensure ongoing success of Information Security Certifications Program

Qualification

ISO 27001SOC2Security certificationsAuditBoardSecurity best practicesCustomer serviceCommunication skillsOrganizational skillsLeadership in project implementations

Required

Strong oral and written skills to persuade, direct and advise stakeholders on security certification processes

Strong organizational skills to maintain and manage high impact security certification programs such as ISO 27001, 27701, 27017 27018, SOC-2, C5 and TxRamp

Extensive experience in taking through a complete lifecycle of security certification process and ongoing maintenance

Experience working with AuditBoard or similar industry standard GRC tools and managing audit evidence

Multiple years of experience in engaging with external certification firms and directly managing the certification process

Audit awareness and ability to represent internal process and controls to support self-audits and external audits

Strong understanding of security best practices and ability to interpret applicability of control requirements

Extensive experience in building audience-based presentations, status updates, budget proposals and compliance score cards

Experience and leadership in fast-paced project implementations

Excellent customer service and communication skills

Understanding of latest and next generation security tools along with common Cloud IT infrastructure and applications, e.g., virtualization, directory services, storage, DBMS

Typically requires a minimum of 12 years of related experience with a Bachelor's degree in Technology, Science, Business or related field; or 8 years and a Master's degree; or a PhD with 5 years experience; or equivalent experience

Must have served in a role that had responsibility and accountability for maintaining Information Security Certifications, preferably SOC2, ISO, TxRamp/FedRamp/StateRamp