Vice President, Information Security, CISO

Job not on LinkedIn

🔥 12 hours ago

🗽 New York – Remote

🗽 New York – Remote

💵 $220k - $250k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

ACM Global Laboratories

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

💊 Pharmaceuticals

🔬 Science

⚕️ Healthcare Insurance

Pharmaceuticals • Science • Healthcare Insurance

ACM Global Laboratories is a leading provider of clinical trial testing services, supporting clinical trials globally in over 65 countries. The company offers a range of bioanalytical services, including small and large molecule analysis, biomarker analysis, and various laboratory testing solutions such as routine safety testing, flow cytometry, and advanced sample tracking. ACM Global Laboratories is recognized for its expertise in bioanalysis and toxicology services, ensuring high sensitivity and accuracy in drug and metabolite measurements across diverse biological samples. The company is dedicated to delivering actionable clinical insights and reliable toxicology services to healthcare providers, partnering with clinical trials to optimize development projects through state-of-the-art laboratory services, specimen management, and global logistics.

📋 Description

• Facilitate an ACM information security governance structure through the implementation of a hierarchical governance program • Define and execute the enterprise information security strategy and roadmap aligned with business objectives and regulatory obligations • Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors • Ensure that IT security requirements are included in vendor contracts by liaising with vendor management and procurement organizations • Create and manage a targeted information security awareness training program for all employees, contractors, and approved system users • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services • Serve as executive advisor on cyber risk to ACM’s Executive Leadership Team (ELT) • Establish security governance, policies, standards, and metrics across global operations • Lead security investment planning and budgeting • Develop an information security vision and strategy that is aligned to organizational priorities and enables and facilitates the organization's business objectives • Develop, implement and monitor a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets • Develop and enhance an up-to-date information security management framework based on ISO 27001 • Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations • Develop and maintain a document framework of continuously up-to-date information security policies, standards and guidelines • Oversee the approval and publication of these information security policies and practices • Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets • Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the information security, and review it with stakeholders at the executive and board levels • Ensure compliance with regulations and standards, including; ISO 27001 NIST, HIPAA, SOC 2, PCI FDA (21 CFR Part 11) GxP (GMP, GLP, GCP) HIPAA / HITECH GDPR and global privacy laws • Partner with Quality, Regulatory Affairs, and Legal to support audits and inspections • Oversee data integrity and validation controls for regulated systems • Safeguard research data, clinical trial data, patient data, software development, manufacturing IP, and trade secrets • Implement data classification, encryption, and access control strategies • Oversee secure collaboration with CROs, CMOs, research partners, and academia • Identify, assess, and mitigate cyber risks across IT, OT, cloud, and laboratory environments • Oversee ACM’s vulnerability management, penetration testing, and threat intelligence efforts • Work collaboratively with RRH IT to establish and oversee incident response, breach management, and cyber resilience programs • Develop cyber resilience and business continuity capabilities • Guide secure implementation of cloud platforms, AI/ML, digital labs, IoT/OT, and data platforms • Ensure security-by-design across system development and validation lifecycles • Oversee identity and access management, zero trust architecture, endpoint security, network security, and SOC operations • Develop and enforce third-party risk management programs for vendors, CROs, CMOs, and SaaS providers • Assess cyber risks in manufacturing, logistics, and distribution partners • Collaborate and liaise with the ACM’s data privacy officer and RRH IT security

🎯 Requirements

• Related Master’s degree in related field or MBA preferred • Demonstrated success managing global security programs in complex, regulated environments • Demonstrated experience managing / ensuring IT cloud security • ISO 27001 Lead Implementer/Auditor • Proven experience (5+ years) in global life sciences, biotech industries • Proven experience developing / managing ISO 27001 compliant IT security framework • Cloud security certifications (AWS, Azure, GCP) • Deep understanding of life sciences / biotech regulatory environments (global environments) • Proven ability to partner with and manage service providers to ensure compliance with organizational expectations • Significant experience /knowledge building IT security frameworks compliant with the following regulations / standards: FDA (21 CFR Part 11) GxP (GMP, GLP, GCP) ISO 27001, NIST HIPAA / HITECH GDPR and global privacy laws SOC 2, PCI • Advanced troubleshooting and analytical skills • Strong communication and cross-functional collaboration abilities • High attention to detail and commitment to system reliability • Ability to manage multiple complex initiatives simultaneously • Strong communication skills / strong executive communication and board-level presentation skills • Risk-based decision-making and business acumen • Experience balancing innovation with compliance and patient safety • Up-to-date knowledge of IT security methodologies and trends in both business and IT • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment • Project management skills: financial/budget management, scheduling and resource management • Engagement and collaboration with service providers

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work hours • Paid time off • Remote work options