Senior Director, Information Technology Security

Kyowa Kirin is a fast-growing global specialty pharmaceutical company that applies state-of-the-art biotechnologies to discover and deliver novel medicines in four disease areas: bone and mineral; intractable hematologic; hematology oncology; and rare disease.  A Japan-based company, our goal is to make people smile by delivering breakthroughs where no adequate treatments currently exist, working from drug discovery to product development and commercialization. In North America, we are headquartered in Princeton, NJ, with offices in California, Massachusetts, and Ontario.

The Senior Director, Information Technology Security is responsible for protecting the network and attached systems against internal and external threats; physical and in cyber space. This position ensures security devices are properly configured and fit for purpose and will play a key role working with HQ based global teams and external security vendors ensuring computer services, systems and practices contribute to overall data and network security. Further, this position will ensure monitoring and analysis practices are in place to help ensure IT security issues are identified and mitigated.

Essential Functions:

• Managing NA IT cyber security risk aligning with both global direction and regional requirements
• Implement and monitor security measures for the protection of computer systems, network and data.
• Responsible for network traffic monitoring and
• Identify and define system security
• Design computer security architecture and develop detailed cyber security designs.
• Prepare and document standard operating procedures and protocols for security best practices.
• Configure and troubleshoot security infrastructure devices
• Develop technical solutions and new security tools to help mitigate security vulnerabilities.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
• Work with global teams on security related
• Responsible for conducting Penetration
• Responsible for managing Third Party Risk Management security program.
• Responsible for network threat dedication and
• Responsible for implementation of controls to reduce IT risks in cloud and co-location environments.
• Responsible for supporting the implementation of Information Security Programs.
• Responsible for advising on Active Directory best security
• Responsible for evaluating and recommending end-point best practices and systems.
• Responsible for Vulnerability management of IT systems.
• Responsible for reviewing, and executing the incident response plan; play Key role on the incident response
• Responsible for developing relevant metrics, analyzing data, identifying trends and help drive improvements to the control
• Responsible for developing SOPs, in close collaboration with relevant areas, for NA IT to achieve strong governance in System Development and Operation, Asset Management, Strategy Development and Service and Asset Procurement.
• Actively participates in both the global and regional level to ensure IT security meets business objections.
• Responsible for maintain a high degree of security capabilities in threat mitigation, detection and response throughout all IT systems. Supports security initiatives in global systems and Third Party vendors.
• Responsible for supporting other IT departments delivering on key initiatives.
• Perform vendor security audits and screenings as needed, based on best practices.

Education

Bachelor’s degree in security engineering or related field required. CISSP, CISA, CISM or equivalent certification required.

Experience

At least 5 years of industry experience. Proven work experience as a System Security Engineer or Information Security Engineer – working knowledge of NIST framework. Experience in building and maintaining security systems. Detailed technical knowledge of database and operating system security. Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc. Experience with network security and networking technologies and with system, security, and network monitoring tools. Thorough understanding of the latest security principles, techniques, and protocols.

Technical Skills

Proficient in MS Office Suite.

Non-Technical Skills

Problem solving skills and ability to work under pressure. Business and strategic acumen and ability to manage expanding levels of complexity. Excellent verbal and written communication skills and executive presence.  Broad level of interpersonal skills and flexibility. Cultural sensitivity and ability to develop consensus within a multinational organization.

KKNA and all of its employees have an obligation to act in accordance with the law and with integrity in all our operations and interactions

It is the policy of Kyowa Kirin North America, Inc. to provide equal employment opportunity to all qualified persons without regard to race, religion, creed, color, pregnancy, sex, age, national origin, disability, genetic trait or predisposition, veteran status, marital status, sexual orientation or affection preference or citizenship status or any other category protected by law.

When you apply to a job on this site, the personal data contained in your application will be collected and stored by Kyowa Kirin, Inc. (“Controller”), which is located at 510 Carnegie Center Dr. Princeton, NJ 08540 USA and can be contacted by emailing kkus.talentacquisition.8h@kyowakirin.com. Controller’s data protection officer can be contacted at usprivacyoffice@kyowakirin.com. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of General Data Protection Regulation (EU) 2016/679 (“GDPR”) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment. 

Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. The transfer will be made using appropriate additional safeguards under the standard contractual clauses approved by regulators for transfers of personal data outside the European Union.

Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment.  Under the GDPR, if you are located in the European Union, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have the right to data portability, and to lodge a complaint with an EU supervisory authority. If you have any questions about our use of your data, you may contact us by email at usprivacyoffice@kyowakirin.com.

Recruitment & Staffing Agencies

Kyowa Kirin does not accept agency resumes unless contacted directly by internal Kyowa Kirin Talent Acquisition. Please do not forward resumes to Kyowa Kirin employees or any other company location; Kyowa Kirin is not responsible for any fees related to unsolicited resumes.

#LI-Hybrid

#-LI-JM1