Manager, Cybersecurity Risk

Posted 2 Days Ago
Be an Early Applicant
Hiring Remotely in USA
Remote
117K-175K Annually
Senior level
Internet of Things • Pharmaceutical
The Role
The Cybersecurity Risk Manager oversees cybersecurity assessments and penetration tests, coordinates issues management, and collaborates with stakeholders to ensure compliance with information security controls.
Summary Generated by Built In

Job Summary

The Cybersecurity risk manager reports to the Business Information Security Officer (BISO) and collaborates with business and IT colleagues to deliver critical capabilities in support of strategic information security goals. This includes operational management of third-party and IT system cybersecurity assurance processes that assess against company standard information security controls. This role will also coordinate the execution of periodic penetration tests and other required cybersecurity assessments, including the end-to-end management of identified issues. The role will interface with stakeholders in privacy, legal, quality, and other compliance functions and requires excellent communication skills and the ability to support multiple efforts across information security disciplines.

Job Description

As a member of the Information Security team and under the supervision of the BISO, the Cybersecurity Risk Manager is responsible for cybersecurity assessment processes in alignment with the IS strategy and roadmap. Responsibilities include working with the business and IT to ensure that they assess third parties and IT systems against information security controls. The Cybersecurity Risk Manager also leads the coordination and execution of penetration tests and other cybersecurity assessments, ensuring the assignment of identified issues to owners and tracking through completion. In addition, this role supports the BISO in the management of a cybersecurity risk management platform. The expectation is that the individual successfully coordinates multiple tasks and priorities continuously with limited supervision.

Supply Chain Cybersecurity Assurance

  • Support the business and IT on initial assessment of third parties against industry standard information security controls using the company standard third party risk management solution.
  • Manage identified issues through cybersecurity risk management processes, including risk analysis and recommendations for remediation or mitigation, in partnership with colleagues from privacy, legal, quality, and other compliance functions as required.
  • Establish and manage a complete inventory of business and IT applications and third parties to ensure a defined level of inherent and residual risk.
  • Oversee and support the execution of ongoing governance for inherently high risk third parties, ensuring the periodic evaluation of changes to security posture.
  • Provide periodic status reporting to the BISO and CISO.

System Cybersecurity Assurance

  • Support the business and IT on the execution of information security assessments against industry standard information security controls as part of the systems development life cycle.
  • Manage identified issues through cybersecurity risk management processes, including risk analysis and recommendations for remediation or mitigation, in partnership with compliance stakeholders from privacy, legal, quality and compliance colleagues as required.
  • Manage the process to ensure that the inherent and residual risk levels for business and IT applications are documented, with a focus on those that collect, process or store vital information (“crown jewels”) in coordination with information security colleagues.
  • Oversee the execution of ongoing assessments for inherently high-risk IT systems, including a periodic evaluation of changes to the security posture.
  • Provide periodic status reporting to the BISO and CISO, including the identification of systemic risk issues.

Penetration Testing and Cybersecurity Assessments

  • Support the planning, scoping and coordination of annual independent penetration tests conducted by external partners.
  • Analyze findings from the penetration tests and ensure the assignment of appropriate remediation or mitigation actions in collaboration with IT and information security colleagues.
  • Track all issues through completion through the cybersecurity risk management process.
  • Provide periodic status reporting to key stakeholders.

To be successful in this Cybersecurity Risk Manager role, you must have and maintain knowledge of the information and cybersecurity frameworks and best practices, exhibit strong analytical skills and good judgement, and demonstrate excellent communication in collaboration with stakeholders. You must also stay up to date with industry advancements and continuously improve security protocols to protect the organization's data from threats.

Qualifications/ Required

Knowledge/ Experience and Skills:

  • 5+ years of experience in information security, including roles in information security assurance or assessment processes.
  • Strong understanding of cybersecurity frameworks and best practices.
  • Excellent communication and people skills, with the ability to explain complex technical concepts to non-technical stakeholders, both verbally and written.
  • Experience with cloud security (e.g., AWS, Azure, Google Cloud).
  • Convey a can-do approach, even in the face of obstacles and constraints, by assessing what is in front of you and effectively and efficiently optimizing what you have, whether it is working on something new or thinking about how to do something better.
  • Demonstrate teamwork and communication skills through knowledge sharing, collaboration, and relationship-building.
  • Exhibit the capacity to actively learn and apply specific domain knowledge and best practices to continually enhance and improve.

Educational Qualifications

  • Bachelor’s degree in computer science, Information Security, or a related field.
  • Certifications such as CISSP, CISM, CISA, or similar are highly desirable.

Competencies
Accountability for Results - Stay focused on key strategic objectives, be accountable for high standards of performance, and take an active role in leading change.
Strategic Thinking & Problem Solving - Make decisions considering the long-term impact to customers, patients, employees, and the business.
Patient & Customer Centricity - Maintain an ongoing focus on the needs of our customers and/or key stakeholders.
Impactful Communication - Communicate with logic, clarity, and respect. Influence at all levels to achieve the best results for Otsuka.
Respectful Collaboration - Seek and value others’ perspectives and strive for diverse partnerships to enhance work toward common goals.
Empowered Development - Play an active role in professional development as a business imperative.

Minimum $117,027.00 - Maximum $175,030.00, plus incentive opportunity: The range shown represents a typical pay range or starting pay for individuals who are hired in the role to perform in the United States. Other elements may be used to determine actual pay such as the candidate’s job experience, specific skills, and comparison to internal incumbents currently in role. Typically, actual pay will be positioned within the established range, rather than at its minimum or maximum. This information is provided to applicants in accordance with states and local laws.

Application Deadline: This will be posted for a minimum of 5 business days.

Company benefits:  Comprehensive medical, dental, vision, prescription drug coverage, company provided basic life, accidental death & dismemberment, short-term and long-term disability insurance, tuition reimbursement, student loan assistance, a generous 401(k) match, flexible time off, paid holidays, and paid leave programs as well as other company provided benefits.

Come discover more about Otsuka and our benefit offerings; https://www.otsuka-us.com/careers-join-otsuka.

Disclaimer: 
 

This job description is intended to describe the general nature and level of the work being performed by the people assigned to this position. It is not intended to include every job duty and responsibility specific to the position. Otsuka reserves the right to amend and change responsibilities to meet business and organizational needs as necessary. 

 

Otsuka is an equal opportunity employerAll qualified applicants are encouraged to apply and will be given consideration for employment without regard to race, color, sex, gender identity or gender expression, sexual orientation, age, disability, religion, national origin, veteran status, marital status, or any other legally protected characteristic.   

 

If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation, if you are unable or limited in your ability to apply to this job opening as a result of your disabilityYou can request reasonable accommodations by contacting Accommodation Request. 

Statement Regarding Job Recruiting Fraud Scams

At Otsuka we take security and protection of your personal information very seriously. Please be aware individuals may approach you and falsely present themselves as our employees or representatives.  They may use this false pretense to try to gain access to your personal information or acquire money from you by offering fictitious employment opportunities purportedly on our behalf.

Please understand, Otsuka will never ask for financial information of any kind or for payment of money during the job application process. We do not require any financial, credit card or bank account information and/or any payment of any kind to be considered for employment. We will also not offer you money to buy equipment, software, or for any other purpose during the job application process. If you are being asked to pay or offered money for equipment fees or some other application processing fee, even if claimed you will be reimbursed, this is not Otsuka. These claims are fraudulent and you are strongly advised to exercise caution when you receive such an offer of employment.

Otsuka will also never ask you to download a third-party application in order to communicate about a legitimate job opportunity. Scammers may also send offers or claims from a fake email address or from Yahoo, Gmail, Hotmail, etc, and not from an official Otsuka email address. Please take extra caution while examining such an email address, as the scammers may misspell an official Otsuka email address and use a slightly modified version duplicating letters.

To ensure that you are communicating about a legitimate job opportunity at Otsuka, please only deal directly with Otsuka through its official Otsuka Career website https://vhr-otsuka.wd1.myworkdayjobs.com/en-US/External.

Otsuka will not be held liable or responsible for any claims, losses, damages or expenses resulting from job recruiting scams. If you suspect a position is fraudulent, please contact Otsuka’s call center at: 800-363-5670. If you believe you are the victim of fraud resulting from a job recruiting scam, please contact the FBI through the Internet Crime Complaint Center at: https://www.ic3.gov,  or your local authorities.

Otsuka America Pharmaceutical Inc., Otsuka Pharmaceutical Development & Commercialization, Inc., and Otsuka Precision Health, Inc. (“Otsuka”) does not accept unsolicited assistance from search firms for employment opportunities.  All CVs/resumes submitted by search firms to any Otsuka employee directly or through Otsuka’s application portal without a valid written search agreement in place for the position will be considered Otsuka’s sole property.  No fee will be paid if a candidate is hired by Otsuka as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. 

Top Skills

AWS
Azure
Cybersecurity Frameworks
GCP
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Princeton, NJ
3,516 Employees

What We Do

There are two Otsuka pharmaceutical industry companies in the U.S.:

Otsuka America Pharmaceutical, Inc. (OAPI) successfully commercializes Otsuka-discovered and in-licensed products in North America.

Otsuka Pharmaceutical Development & Commercialization, Inc. (OPDC) clinically develops and registers innovative healthcare products on a global basis.

Similar Jobs

In-Office or Remote
19 Locations
2069 Employees
135K-155K Annually

BlackLine Logo BlackLine

Mid-market Account Executive

Cloud • Fintech • Information Technology • Machine Learning • Software • App development • Generative AI
Remote or Hybrid
United States
1810 Employees
76K-90K Annually

Wipfli Logo Wipfli

Manager, Cybersecurity and Managed Services

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
Radnor, PA, USA
3000 Employees
7-10

Wipfli Logo Wipfli

Accounting Manager

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
United States
3000 Employees
97K-130K Annually

Similar Companies Hiring

Cencora Thumbnail
Pharmaceutical • Logistics • Healthtech
Conshohocken, PA
51000 Employees
Rundoo Thumbnail
Software • Internet of Things • Information Technology • Cloud
Redwood City, , California
50 Employees
HERE Technologies Thumbnail
Software • Logistics • Internet of Things • Information Technology • Computer Vision • Automotive • Artificial Intelligence
Amsterdam, NL
6000 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account