Executive Director, Global Head of Cybersecurity and IT Risk Management

Kyowa Kirin is a fast-growing global specialty pharmaceutical company that applies state-of-the-art biotechnologies to discover and deliver novel medicines in four disease areas: bone and mineral; intractable hematologic; hematology oncology; and rare disease.  A Japan-based company, our goal is to make people smile by delivering breakthroughs where no adequate treatments currently exist, working from drug discovery to product development and commercialization. In North America, we are headquartered in Princeton, NJ, with offices in California, Massachusetts, and Ontario.

The Executive Director, Global Head of Cybersecurity and IT Risk Management for protecting the network and attached systems against internal and external threats, physical and in cyber space. This position ensures security devices are properly configured and fit for purpose and will play a key role as one of global ICT leadership members working with Global stakeholders including CSR, Region/function Key stakeholders and external security vendors ensuring computer services, systems and practices contribute to overall data and network security. Further, this position will ensure monitoring and analysis practices are in place to help ensure IT security issues are identified and mitigated.

Esential Functions

• Implement and monitor security measures for the protection of computer systems, networks, and data.
• Develop an operating model with clear goals, metrics, and an analysis of organizational challenges to drive maturity improvements.
• Develop strategy and governance for the implementation and use of Artificial Intelligence (AI).
• Establish/maintain the management framework with collaborating with related stakeholders inside and outside of ICT function.
• Monitor and analyze network traffic.
• Identify and define system security requirements.
• Design computer security architecture and develop detailed cyber security designs.
• Prepare and document standard operating procedures (SOP) and protocols for security best practices.
• Configure and troubleshoot security infrastructure devices.
• Develop technical solutions and security tools to mitigate vulnerabilities.
• Write comprehensive reports on assessment findings and propositions for security enhancements.
• Collaborate with global teams on security initiatives.
• Conduct penetration testing.
• Manage the Third Party Risk Management security program.
• Dedicate resources for network threat detection and response.
• Implement controls to reduce IT risks in cloud and co-location environments.
• Support the implementation of Information Security Programs and advise on Active Directory best practices.
• Evaluate and recommend end-point best practices and systems.
• Manage vulnerabilities of IT systems and execute the incident response plan, playing a key role as Incident Commander.
• Actively participate at global and regional levels to ensure IT security meets business objectives.
• Maintain high security capabilities in threat mitigation, detection, and response across all IT systems, including third-party vendors.
• Perform vendor security audits and screenings as needed.
• Provide performance information of team members to regional ICT heads for personnel evaluation.

Education

Bachelor’s degree in Security Engineering or related field required; Master’s degree in Information Technology, security or any other related technical or data science field is preferred; One or more certifications such as a CISSP, CISA, CISM or equivalent is desired.

Experience

At least 12 years of security industry experience; Proven work experience as a director/manager in one of the security function areas: Security operations, incident response, governance, risk and compliance with a working knowledge of the NIST CSF 2.0 framework; Experience in building and maintaining security systems; Detailed technical knowledge of database and operating system security; Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.; Experience with network security and networking technologies and with system, security, and network monitoring tools; Thorough understanding of the latest security principles, techniques, and protocols.

Technical Skills

Proficient in MS Office Suite; Experience or knowledge of cloud services such as AWS/MS Azure etc.

Non-Technical Skills

Problem solving skills and ability to work under pressure; Business and strategic acumen and ability to manage expanding levels of complexity; Fluent in English; Excellent verbal and written communication skills and executive presence; Broad level of interpersonal skills and flexibility; Cultural sensitivity and ability to develop consensus within a multinational organization.

KKNA and all of its employees have an obligation to act in accordance with the law and with integrity in all our operations and interactions

It is the policy of Kyowa Kirin North America, Inc. to provide equal employment opportunity to all qualified persons without regard to race, religion, creed, color, pregnancy, sex, age, national origin, disability, genetic trait or predisposition, veteran status, marital status, sexual orientation or affection preference or citizenship status or any other category protected by law.

When you apply to a job on this site, the personal data contained in your application will be collected and stored by Kyowa Kirin, Inc. (“Controller”), which is located at 510 Carnegie Center Dr. Princeton, NJ 08540 USA and can be contacted by emailing [email protected]. Controller’s data protection officer can be contacted at [email protected]. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of General Data Protection Regulation (EU) 2016/679 (“GDPR”) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment. 

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. The transfer will be made using appropriate additional safeguards under the standard contractual clauses approved by regulators for transfers of personal data outside the European Union.

Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment.  Under the GDPR, if you are located in the European Union, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability, and to lodge a complaint with an EU supervisory authority. If you have any questions about our use of your data, you may contact us by email at [email protected].

Recruitment & Staffing Agencies

Kyowa Kirin does not accept agency resumes unless contacted directly by internal Kyowa Kirin Talent Acquisition. Please do not forward resumes to Kyowa Kirin employees or any other company location; Kyowa Kirin is not responsible for any fees related to unsolicited resumes.

#LI-Hybrid

#-LI-JM1