Indivior · 2 hours ago
OT/IT Cyber Security Program Manager
Richmond, VA
Full-time
Onsite
Senior Level, Lead/Staff
10+ years expIndivior is a global pharmaceutical company dedicated to transforming opioid use disorder from a global crisis to a recognized chronic disease. The Cyber Security Program Manager will lead the strategic development and delivery of enterprise-wide security initiatives, ensuring alignment with business objectives and regulatory requirements, while leveraging the NIST Cybersecurity Framework to enhance the organization's security posture.
Addiction TreatmentBiotechnologyCommunitiesHealth CareMedicalPharmaceuticalSocial
Responsibilities
Execute a comprehensive cybersecurity strategy and roadmap for the organization, aligning security initiatives with Indivior’s business goals and compliance requirements. Provide thought leadership on emerging long-term security investments and plans
NIST CSF Implementation: Leverage the NIST Cybersecurity Framework (CSF) to structure and continuously improve the security program. Ensure that security controls and policies address all five NIST CSF functions – Identify, Protect, Detect, Respond, Recover – delivering a balanced and resilient defense for the enterprise
Lead cross-functional teams or projects and influencing without direct authority. Excellent communication skills are required to distill and present technical concepts to both technical teams and executive audiences in a clear, persuasive manner. Must be effective at building partnerships across organizations and managing stakeholder expectations
Manage and maintain cybersecurity policies, standards, and procedures that reflect industry best practices and regulatory requirements. Drive regular review and updates on governance documents to ensure evolving threats and business changes, ensuring a “security by design” approach in all IT and business projects
Coordinate with cross-functional teams (IT operations, product engineering, compliance, and business units) to implement and enforce security controls. Serve as the primary program liaison between the security team and other departments, integrating security requirements into project plans and operational processes
Oversee third-party security assessments and vendor risk management activities. Work with procurement and vendor management teams to ensure external partners and service providers meet Indivior’s security standards. Address any gaps by driving remediation plans or implementing compensating controls
Utilize project management best practices (Agile and Waterfall) to drive security projects from inception to completion. This includes defining project scope, milestones, and success metrics; coordinating resources (internal teams and vendors); and tracking progress to ensure on-time, on-budget delivery of security initiatives
In-depth knowledge of information security frameworks and standards – especially the NIST Cybersecurity Framework – and experience applying them in an enterprise environment. Familiarity with other relevant frameworks (ISO 27001, CIS Critical Controls) and regulatory standards (e.g., GDPR, HIPAA) is a plus
Provide team members in fostering a culture of continuous improvement and proactive risk management. Leverage program management skills to support team activities in delivering objectives
Define key performance indicators (KPIs) and risk metrics for the cybersecurity program. Monitor security program performance and risk levels and prepare regular reports and dashboards for leadership and relevant governance committees. Present program status and strategic recommendations to stakeholders, including CISO, CIO, and executive sponsors
While the primary focus is on program management will work closely with incident response teams to ensure preparedness and swift action during security incidents. Help coordinate post-incident reviews and integrate lessons learned into program updates and future risk mitigation plans
Ensure that the security program meets relevant compliance obligations (such as data protection laws and pharmaceutical industry regulations). Support internal and external audits of security controls, providing documentation and managing remediation of any findings
Qualification
Required
Bachelor's degree in Computer Science, Information Security, or a related field is required
10+ years of experience in cybersecurity or information security roles, with a substantial portion in security leadership or program management positions
Proven track record of successfully implementing large-scale, complex security projects or programs
One or more industry-recognized security certifications are highly desired. Examples include CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or GIAC certifications (SANS)
Experience in the pharmaceutical or healthcare industry or other highly regulated environments is beneficial
Strong leadership and influencing skills
Ability to present technical and non-technical concepts to all levels of management & executive leadership
Excellent teamwork, facilitation, relationship building, and negotiation skills
Strong time management skills and strong able to multitask effectively
Ability to work in a fast-paced, project-oriented potentially high-pressure environment
Exceptional analytical and problem-solving skills
Aptitude and drive for continuous learning and development
Effective time management skills demonstrated by successful and timely completion of tasks
Stay up-to-date with the latest security trends, threats, and technologies to continuously improve the organization's security posture
Preferred
Master's degree in Cybersecurity, Information Systems, or a related discipline
Industry Security certifications such as SANS, CISSP, etc
Certification such as PMP (Project Management Professional) or Certified Scrum Master
Other relevant credentials like CRISC (Risk and Control), CGEIT, or cloud security certifications (CCSP, Azure/AWS security certs)
Experience with the implementation of NIST Cyber Security Framework (CSF)
Experience with the implementation of Purdue Model to enhance security within the OT environment
Previous experience of Information Technology/Operational Technologies and utility industry experience preferred with an awareness of utility specific security threats
Benefits
3 weeks’ vacation plus floating holidays and sick leave, plus company closure from December 24th- January 1st
401(k) and Profit Sharing Plan- Company match of 75% on your first 6% of contributions and profit sharing contribution equal to 4% of your eligible pay
U.S. Employee Stock Purchase Plan- 15% Discount
Comprehensive Medical, Dental, Vision, Life and Disability coverage
Health, Dependent Care and Limited Purpose Flex Spending and HSA options
Adoption assistance
Tuition reimbursement
Concierge/personal assistance services
Voluntary benefits including Legal, Pet Insurance and Critical Illness coverage
Gym, fitness facility and cell phone discounts
Company
Indivior
Indivior is a specialty pharmaceuticals business.
1001-5000 employees
H1B Sponsorship
Indivior has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2024 (5)
2023 (5)
2022 (6)
2021 (4)
2020 (6)
Funding
Current Stage
Public CompanyTotal Funding
$400MKey Investors
Piper SandlerOaktree Capital Management
2024-11-05Post Ipo Debt· $400M
2024-07-12Post Ipo Equity
2014-12-23IPO
Leadership Team
Mark Crossley
Chief Executive Officer
Recent News
2025-12-24
MarketScreener
2025-12-22
2025-12-18
Company data provided by crunchbase