Associate Director , Vulnerability Management

Associate Director, Information Security

Department: Global Information Security

Location: Warsaw, PL

Reporting to: Director, Information Security

ROLE AND RESPONSIBILITIES

The role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through operating and maintaining our security safeguards while providing input to the continual improvement of the enterprise IT security design and configuration. This role plays a significant part in our Global Information Security team and will provide an excellent opportunity to liaise with key external and internal stakeholders locally while strengthening our Information Security function.

You will be part of a global structure partnering with the IT community and business teams and delivering an ongoing IQVIA Global Information Security program. You will contribute to success of the Information Security Operations work stream through operation of advanced technologies that enable system reliability for business development, and providing adequate protection against the threats to information systems and in particular, the data assets.

RESPONSIBILITIES

You will have unique opportunity to create and lead a global vulnerability management function with direct reports located in multiple regions. You will also find yourself working together with other IQVIA Information Security team leaders, and liaising regularly with stakeholders at IQVIA, including members of CIO organization, Global and Regional Business Units teams. This is an opportunity to join and progress with a forward thinking department.

This role will develop and coordinate the Vulnerability Management services. The primary responsibilities are:

• Develop strategy of continuous identification of vulnerabilities in the IQVIA systems and applications, including inhouse and third party provided infrastructure scans, web application scans, mobile application, source code scanning and penetration tests
• Ensure gathering adequate Threat Intelligence, reviewing applicability and impact on IQVIA’s environment and alerting stakeholders about emerging threats
• Based on identified vulnerabilities and gathered threat intelligence prioritize patches to ensure timely mitigation to an acceptable level
• Liaise with third party vendors to provide best in class services
• Continuously challenge security posture of the IQVIA environment and related Incident Response procedures
• Provide Information Security advisory services to IQVIA teams
• Cooperate with internal and external stakeholders to lead global Vulnerability Management processes
• Propose and implement improvements to the landscape of technical security safeguards, including technologies, systems and associated processes and procedures
• Develop and document operational procedures and metrics in relation to carried out activities
• Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
• Contribute to effectiveness of the Information Security Operations team by providing expert analysis and input to incident identification, response, resolution, and post-incident investigations

EXPERIENCE AND SKILLS

Required skills and experience

• Experience in development and delivery of professional services in multinational organizations
• Excellent stakeholder management and communication skills, including ability to communicate across countries and cultures
• Experience in Cybersecurity, Information Security, Risk Management, IT Controls, Security Operations Center or other related area is mandatory
• Hands-on experience in security testing of web applications
• Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
• Commitment in delivering significant value to organization as a trusted advisor
• Sound team leader and collaborator
• Attention to detail
• Ability to work under own initiative, and enthusiasm to drive through change and multi task
• Ability to exercise high level of confidentiality when dealing with highly sensitive information
• Experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
• Commitment to ongoing professional development

QUALIFICATIONS

• Master’s degree in computer science, computer engineering, or information technology
• Minimum 6 years of related work experience
• At least two of the following certificates: GPEN, CISSP, CEH, OSCE, OSCP
• An ITIL or project management certificates are not required but beneficial

Additional Requirements

The position may require occasional domestic and international travel of approx. 15%.

At IQVIA, we believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world. The advanced analytics, technology solutions and contract research services we provide to the life sciences industry are made possible by our 67,000+ employees around the world who apply their insight, curiosity and intellectual courage every step of the way. Learn more at jobs.iqvia.com.