Description
Information Security Analyst II, Governance & Risk
Syneos Health is the only fully integrated biopharmaceutical solutions organization purpose-built to accelerate customer success. We lead with a product development mindset, seamlessly connecting our capabilities to add high-value insights to speed therapies to patients and provide practical value to help our customers achieve their objectives. Our Clinical Development model brings the customer and the patient to the center of everything that we do. We are continuously looking for ways to simplify and streamline our work to not only make Syneos Health easier to work with,
but to make us easier to work for. Whether you join us in a Functional Service Provider partnership or a Full-Service environment, you'll collaborate with passionate problem solvers, innovating as a team to help our customers achieve their goals. We are agile and driven to accelerate the delivery of therapies, because we are passionate to change lives. Discover what our 29,000 employees, across 110 countries already know: WORK HERE MATTERS EVERYWHERE Why Syneos Health
- We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program.
- We are committed to our Total Self culture - where you can authentically be yourself. Our Total Self culture is what unites us globally, and we are dedicated to taking care of our people.
- We are continuously building the company we all want to work for and our customers want to work with. Why? Because when we bring together diversity of thoughts, backgrounds, cultures, and perspectives - we're able to create a place where everyone feels like they belong.
Job responsibilities
- Performs vendor security assessments and security reviews to assess the security posture and capabilities of Syneos Health vendors.
- Monitors Syneos Health vendors to ensure they are meeting Syneos Health vendor security requirements.
- Monitors, and reports on information security governance, risk and compliance key performance indicators.
- Assists with preparing and submitting mandatory information security program compliance reports to management, and clients.
- Prepares responses to internal and external inquiries about information security program, compliance, and performance.
- Helps administer information security governance review and approval procedures.
- Collaborates with other security organization members on cross-business / cross-functional opportunities.
- Performs security data analysis and event tracking.
- Responds to reported security incidents and events through the Company's ticketing system.
- Writes documentation and reports.
- Evaluates new security technology in the Company environment.
- Other duties as assigned.
Qualifications What we're looking for
- Bachelor's Degree (or higher) preferred (or equivalent experience). Industry certifications such as CISA, CRISC, CISSP or similar industry certification desirable.
- Ability to communicate information security obligations and good practices in business terms.
- Strong analysis, customer service, and communication skills.
- Experience with leading information security frameworks and policy concepts.
- Proficient with Microsoft Office Suite (Word, Excel, Power Point).
- Professional with ability to properly handle confidential information.
- Ability to work well independently and in a team environment.
- Ability to handle multiple tasks, prioritize and meet deadlines.
- Ability to work within a matrix organization.
- Excellent written and verbal communication skills.
- Must have ability to positively handle/manage stress, such as high work volume and frequent change.
- Must have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones.
- Understanding of security tools such as firewalls, anti-malware, Intrusion Detection/ Intrusion Prevention systems (IDS/IPS), Data Leak Prevention (DLP), Unified Threat Management (UTM).
- Familiarity with common information security standards such as ISO-27000 and NIST SP 800 series.
- Ability to review reports and system activity logs to identify critical events, categorize according to priority, and escalate as appropriate.
- Minimal travel.
Get to know Syneos Health
Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients. No matter what your role is, you'll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health.
Additional Information: Tasks, duties, and responsibilities as listed in this job description are not exhaustive.
#J-18808-Ljbffr