Associate Director , Vulnerability Management (R1067566) in Warsaw, PL at IQVIA™

Date Posted: 3/20/2020

Job Snapshot

Job Description

IQVIA™ is the leading human data science company focused on helping healthcare clients find unparalleled insights and better solutions for patients. Formed through the merger of IMS Health and Quintiles, IQVIA offers a broad range of solutions that harness the power of healthcare data, domain expertise, transformative technology, and advanced analytics to drive healthcare forward.

Associate Director, Information Security

Department: Global Information Security

Location: Warsaw, PL

Reporting to: Director, Information Security


The role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through operating and maintaining our security safeguards while providing input to the continual improvement of the enterprise IT security design and configuration. This role plays a significant part in our Global Information Security team and will provide an excellent opportunity to liaise with key external and internal stakeholders locally while strengthening our Information Security function.

You will be part of a global structure partnering with the IT community and business teams and delivering an ongoing IQVIA Global Information Security program. You will contribute to success of the Information Security Operations work stream through operation of advanced technologies that enable system reliability for business development, and providing adequate protection against the threats to information systems and in particular, the data assets.


You will have unique opportunity to create and lead a global vulnerability management function with direct reports located in multiple regions. You will also find yourself working together with other IQVIA Information Security team leaders, and liaising regularly with stakeholders at IQVIA, including members of CIO organization, Global and Regional Business Units teams. This is an opportunity to join and progress with a forward thinking department.

This role will develop and coordinate the Vulnerability Management services. The primary responsibilities are:

  • Develop strategy of continuous identification of vulnerabilities in the IQVIA systems and applications, including inhouse and third party provided infrastructure scans, web application scans, mobile application, source code scanning and penetration tests
  • Ensure gathering adequate Threat Intelligence, reviewing applicability and impact on IQVIA’s environment and alerting stakeholders about emerging threats
  • Based on identified vulnerabilities and gathered threat intelligence prioritize patches to ensure timely mitigation to an acceptable level
  • Liaise with third party vendors to provide best in class services
  • Continuously challenge security posture of the IQVIA environment and related Incident Response procedures
  • Provide Information Security advisory services to IQVIA teams
  • Cooperate with internal and external stakeholders to lead global Vulnerability Management processes
  • Propose and implement improvements to the landscape of technical security safeguards, including technologies, systems and associated processes and procedures
  • Develop and document operational procedures and metrics in relation to carried out activities
  • Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
  • Contribute to effectiveness of the Information Security Operations team by providing expert analysis and input to incident identification, response, resolution, and post-incident investigations


Required skills and experience

  • Experience in development and delivery of professional services in multinational organizations
  • Excellent stakeholder management and communication skills, including ability to communicate across countries and cultures
  • Experience in Cybersecurity, Information Security, Risk Management, IT Controls, Security Operations Center or other related area is mandatory
  • Hands-on experience in security testing of web applications
  • Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
  • Commitment in delivering significant value to organization as a trusted advisor
  • Sound team leader and collaborator
  • Attention to detail
  • Ability to work under own initiative, and enthusiasm to drive through change and multi task
  • Ability to exercise high level of confidentiality when dealing with highly sensitive information
  • Experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
  • Commitment to ongoing professional development


  • Master’s degree in computer science, computer engineering, or information technology
  • Minimum 6 years of related work experience
  • At least two of the following certificates: GPEN, CISSP, CEH, OSCE, OSCP
  • An ITIL or project management certificates are not required but beneficial

Additional Requirements

The position may require occasional domestic and international travel of approx. 15%.

Join Us

Making a positive impact on human health takes insight, curiosity, and intellectual courage. It takes brave minds, pushing the boundaries to transform healthcare. Regardless of your role, you will have the opportunity to play an important part in helping our clients drive healthcare forward and ultimately improve outcomes for patients.

Forge a career with greater purpose, make an impact, and never stop learning.

Job ID: R1067566


  1. IT Jobs
  2. IT Manager Jobs