What will you be doing as Director Information Security (CISO)?
- As the Information Security Director at Octapharma, you will hold a pivotal role where your primary focus is on aligning information security initiatives with overall business strategy.
- You will continue the development and implementation of a robust information security risk management framework and services to secure both our IT and OT (manufacturing) systems across the Octapharma group, fostering a security aware culture.
- This position requires a dynamic leader who can engage with all parts of the business and integrate cybersecurity into the fabric of our business operation
Strategic leadership: Collaborate closely with executive leadership to align information security strategy with broader business objectives. Provide visionary leadership in anticipating and responding to the rapidly evolving threat landscape. Champion security initiatives that enhance business processes without compromising efficiency.
Executive Reporting: Chair the Information Security Steering Committee, providing strategic insights to executive leadership. Prepare and present comprehensive security reports to the board of directors, highlighting the impact on business resilience.
Security Governance: Continue to develop, implement, and enforce information security policies, standards, and procedures, and drive compliance to industry standards and regulations. Collaborate with procurement and legal teams to integrate security requirements into third party vendor contracts. Evaluate and manage third-party provider security risks to support a secure business ecosystem.
Risk Management: Lead the identification, assessment, and prioritization of information security risks. Develop and implement risk management strategies that balance security requirements with business objectives. Continuously report on key risk indicators and security metrics to business management and drive risk management efforts.
Security Awareness and Training: Drive a culture of security awareness throughout the organization. Collaborate with HR to develop and implement tailored security training programs for employees at all levels.
Security Incident Management: Continuously improve and deliver the security operations center service, maintaining oversight and providing strategic guidance to technical teams and business leadership during incidents. Owning and maintaining the cyber crisis management process and tabletop exercises.
Cyber Threat and Vulnerability Management: Continuously improve and govern the vulnerability management service, maintaining and driving risk reduction for cyber threats identified in our IT and OT systems and providing strategic direction and guidance to other IT colleagues in charge of remediation efforts.
Who are you?
- University Degree in Information Security, IT or equivalent
- Excellent leadership skills, preferably of a global team.
- Desirable: Relevant security certifications such as from ISC2 -CISSP, ISACA CISM.
- 10+ years of professional work experience in information security.
- 3+ years of experience in a security leadership role such as head of information security/CISO, preferably in organizations which have manufacturing business operations.
- A collaborative individual, used to working cross functionally, able to influence and guide others.
- Proven experience, and happy to be, both strategic and hands-on in approach.
- Demonstrable experience of successfully driving change and transformation within a business.
- Excellent communication skills, both verbal and written in English, German is a plus, you are able to convey and ensure an understanding of complex messages.
- Desirable: You have knowledge of GXP, CSV and pharmaceutical industry related regulations.
- If needed you could travel, around 30% of your working time in Europe and USA occasionally.
The Information Technology Department
You will be reporting to the Vice President/CIO of Corporate IT.
The Corporate IT Team has overall accountability for IT services supporting all business functions across the Octapharma group. Because we are a privately owned company, we have a stable IT organization structure, long-term vision and strategy. This will enable you to deliver a security program which is truly focused on generating business value and protecting Octapharma.
You will work closely with other parts of the Octapharma IT organization.
What's the best thing about working with us?
- You help save lives – Every day is meaningful as we produce life-saving medicines
- Family values – Long-term perspective for employees and relationships
- Be rewarded with an attractive salary and benefits package
- You will have a high level of influence where you can make a difference and leave your footprint
- Work with skilled and fun colleagues in a relatively informal organization
- Skills development – We offer various internal and external employee and leadership trainings, trainee programs and digital solutions
Please apply in English. If you have questions about the position, contact Ms. Claudia Vignau, Recruiter; +41 55 451 21 35
If you proceed in the process
- We will endeavor to review your profile as quickly as possible and provide you with feedback
- The next step is to conduct a phone interview, which takes about 30 minutes.