Manager, Information Security
Department : Global Information Security
Location : Warsaw, PL
Reporting to : Associate Director, Information Security
ROLE AND RESPONSIBILITIES
The role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through operating and maintaining our security safeguards while providing input to the continual improvement of the enterprise IT security design and configuration.
This role plays a significant part in our Global Information Security team and will provide an excellent opportunity to liaise with key external and internal stakeholders locally while strengthening our Information Security function.
You will be part of a global structure partnering with the IT community and business teams and delivering an ongoing IQVIA Global Information Security program.
You will contribute to success of the Information Security Operations work stream through operation of advanced technologies that enable system reliability for business development, and providing adequate protection against the threats to information systems and in particular, the data assets.
You will also find yourself working together with other IQVIA Information Security team members, and liaising regularly with stakeholders at IQVIA, including members of CIO organization, Global and Regional Business Units teams.
This is an opportunity to join and progress with a forward thinking department.
This role will provide the Vulnerability Management services. The primary responsibilities are :
Manage continuous identification of vulnerabilities in the IQVIA systems and applications
Coordinate penetration tests
Gather Threat Intelligence and alert stakeholders about emerging threats
Ensure identified vulnerabilities are timely mitigated to an acceptable level
Based on identified vulnerabilities and gathered threat intelligence prioritize patches to be applied
Liaise with third party vendors to provide best in class services
Continuously challenge security posture of the IQVIA environment and related Incident Response procedures
Review world-wide appearing threats in terms of their applicability and impact on IQVIA’s environment
Provide Information Security advisory services to IQVIA teams
Cooperate with internal and external stakeholders to lead global Vulnerability Management processes
Propose and implement improvements to the landscape of technical security safeguards, including technologies, systems and associated processes and procedures
Develop and document operational procedures and metrics in relation to carried out activities
Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
Contribute to effectiveness of the Information Security Operations team by providing expert analysis and input to incident identification, response, resolution, and post-incident investigations
EXPERIENCE AND SKILLS
Required skills and experience
Experience in Cybersecurity, Information Security, Risk Management, IT Controls, Security Operations Center or other related area is mandatory
Hands-on experience in security testing of web applications is mandatory
Generic knowledge of how Internet works (protocols, services, ports, connections, devices, ISO / OSI layers)
Self-written exploits, tools, scripts or security-related articles / posts are a strong plus
Know-how of testing mobile applications is a strong plus
Know-how of scripting and Linux is a plus
Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
Commitment in delivering significant value to organization as a trusted advisor
Excellent communication skills, including ability to communicate across countries and cultures
Excellent team player and collaborator
Attention to detail
Ability to work under own initiative, and enthusiasm to drive through change and multi task
Ability to exercise high level of confidentiality when dealing with highly sensitive information
Experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
Commitment to ongoing professional development
Master’s degree in computer science, computer engineering, or information technology
Minimum 4 years of related work experience
An ITIL or project management certificates are not required but beneficial