Information Security Mgr (R1123032) in Warsaw, PL at IQVIA™

Date Posted: 3/20/2020

Job Snapshot

Job Description

IQVIA™ is the leading human data science company focused on helping healthcare clients find unparalleled insights and better solutions for patients. Formed through the merger of IMS Health and Quintiles, IQVIA offers a broad range of solutions that harness the power of healthcare data, domain expertise, transformative technology, and advanced analytics to drive healthcare forward.

Manager, Information Security

Department: Global Information Security

Location: Warsaw, PL

Reporting to: Associate Director, Information Security

ROLE AND RESPONSIBILITIES

The role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through operating and maintaining our security safeguards while providing input to the continual improvement of the enterprise IT security design and configuration. This role plays a significant part in our Global Information Security team and will provide an excellent opportunity to liaise with key external and internal stakeholders locally while strengthening our Information Security function.

You will be part of a global structure partnering with the IT community and business teams and delivering an ongoing IQVIA Global Information Security program. You will contribute to success of the Information Security Operations work stream through operation of advanced technologies that enable system reliability for business development, and providing adequate protection against the threats to information systems and in particular, the data assets.

RESPONSIBILITIES

You will also find yourself working together with other IQVIA Information Security team members, and liaising regularly with stakeholders at IQVIA, including members of CIO organization, Global and Regional Business Units teams. This is an opportunity to join and progress with a forward thinking department.

This role will provide the Vulnerability Management services. The primary responsibilities are:

  • Manage continuous identification of vulnerabilities in the IQVIA systems and applications
  • Coordinate penetration tests
  • Gather Threat Intelligence and alert stakeholders about emerging threats
  • Ensure identified vulnerabilities are timely mitigated to an acceptable level
  • Based on identified vulnerabilities and gathered threat intelligence prioritize patches to be applied
  • Liaise with third party vendors to provide best in class services
  • Continuously challenge security posture of the IQVIA environment and related Incident Response procedures
  • Review world-wide appearing threats in terms of their applicability and impact on IQVIA’s environment
  • Provide Information Security advisory services to IQVIA teams
  • Cooperate with internal and external stakeholders to lead global Vulnerability Management processes
  • Propose and implement improvements to the landscape of technical security safeguards, including technologies, systems and associated processes and procedures
  • Develop and document operational procedures and metrics in relation to carried out activities
  • Utilize information security technical safeguards and associated procedures, analyzing output and producing relevant management information reports for further improvements in the security safeguards landscape, including vulnerability assessment, threat intelligence and patching
  • Contribute to effectiveness of the Information Security Operations team by providing expert analysis and input to incident identification, response, resolution, and post-incident investigations

EXPERIENCE AND SKILLS

Required skills and experience

  • Experience in Cybersecurity, Information Security, Risk Management, IT Controls, Security Operations Center or other related area is mandatory
  • Hands-on experience in security testing of web applications is mandatory
  • Generic knowledge of how Internet works (protocols, services, ports, connections, devices, ISO/OSI layers)
  • Self-written exploits, tools, scripts or security-related articles/posts are a strong plus
  • Know-how of testing mobile applications is a strong plus
  • Know-how of scripting and Linux is a plus
  • Working knowledge of cybersecurity principles, algorithms, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
  • Commitment in delivering significant value to organization as a trusted advisor
  • Excellent communication skills, including ability to communicate across countries and cultures
  • Excellent team player and collaborator
  • Attention to detail
  • Ability to work under own initiative, and enthusiasm to drive through change and multi task
  • Ability to exercise high level of confidentiality when dealing with highly sensitive information
  • Experience of estimating and planning work effort including managing risks and issues in relation to delivery of work
  • Commitment to ongoing professional development

QUALIFICATIONS

  • Master’s degree in computer science, computer engineering, or information technology
  • Minimum 4 years of related work experience
  • At least two of the following certificates: GPEN, CISSP, CEH, OSCE, OSCP
  • An ITIL or project management certificates are not required but beneficial

Additional Requirements

The position may require occasional domestic and international travel of approx. 15%.

Join Us

Making a positive impact on human health takes insight, curiosity, and intellectual courage. It takes brave minds, pushing the boundaries to transform healthcare. Regardless of your role, you will have the opportunity to play an important part in helping our clients drive healthcare forward and ultimately improve outcomes for patients.

Forge a career with greater purpose, make an impact, and never stop learning.



Job ID: R1123032