Senior Manager, Security Compliance (Remote)

US - Home-Based - PA, United States

If you are a current Jazz employee, please apply via the Internal Career site.

Jazz Pharmaceuticals plc (NASDAQ: JAZZ) is a global biopharmaceutical company whose purpose is to innovate to transform the lives of patients and their families. We are dedicated to developing life-changing medicines for people with serious diseases - often with limited or no therapeutic options. We have a diverse portfolio of marketed medicines and novel product candidates, from early- to late-stage development, in neuroscience and oncology. We actively explore new options for patients including novel compounds, small molecules and biologics, and through cannabinoid science and innovative delivery technologies. Jazz is headquartered in Dublin, Ireland and has employees around the globe, serving patients in nearly 75 countries. For more information, please visit www.jazzpharma.com and follow @JazzPharma on Twitter.

Job Description

Brief Description:

We are seeking a highly skilled and experienced Senior Manager of Information Security Compliance to lead our information security compliance team. This role involves managing internal and external security assessments, performing security audits, overseeing the ISO 27001 program, and ensuring compliance with information security policies and standards. The ideal candidate will have experience leading audits and assessments and a deep understanding of ISO 27001, NIST, industry best practices, and relevant laws and regulations such as SOX and privacy laws. They will be responsible for developing and implementing compliance strategies, conducting thorough security assessments, managing audit processes, and fostering a security-conscious culture within the organization. This position requires strong leadership skills, excellent communication abilities, and a proven track record in information security compliance.

Essential Functions/Responsibilities

Assessment Programs

  • Management of Security Assessments: Manage, oversee and enhance the process for execution of hands-on gap or risk security assessments to identify security risks and mitigating controls for third-party applications and integrations. Facilitate collaborative meetings with InfoSec, IS Team leads, IS architects, and business requestors as needed. Prepare detailed reports on assessment findings and track remediation efforts to ensure timely resolution of identified issues.

  • Perform Security Audits: Develop and implement comprehensive audit plans and schedules for internal and external audits (audit scope can include applications, database, systems, infrastructure, etc.). Conduct thorough internal audits to assess compliance with policies and standards, ISO 27001 Annex A controls, and other relevant regulations. Facilitate external audits by coordinating with third-party auditors, providing necessary documentation, and addressing any audit findings. Prepare detailed audit reports, highlighting areas of non-compliance and recommending corrective actions. Track and monitor the implementation of corrective actions to ensure timely resolution of audit findings.

ISO 27001 Certification Program

  • Lead ISO 27001 Program Management: Subject matter expert on ISO 27001. Manage and maintain the ISO 27001 certification program, ensuring continuous compliance of the Information Security Management System (ISMS). Coordinate and perform internal and external ISO audits, ensuring all required documentation is accurate and up to date. Collaborate with Human Resources, Legal, IS, and InfoSec for requested evidence and audit participation. Oversee the maintenance of and champion continuous improvement of the ISMS, addressing any non-conformities and implementing corrective actions.

Compliance:

  • Compliance Management: Be the go-to expert and serve as the SME for the information security policies and standards. Drive compliance within the organization with these policies, standards, and relevant industry regulations. Develop and implement compliance strategies and frameworks. Monitor and review security controls to determine operational effectiveness. Conduct ongoing review of control mapping to policies, procedures, and processes to ensure adequate coverage. Monitor and ensure compliance with relevant laws and regulations, privacy laws, and other applicable requirements. Provide guidance and support to other departments on security compliance matters. Stay up to date with the latest security trends, threats, and technologies to continuously improve the organization’s security posture.

People Management

  • People Management: Lead, mentor, and develop information security analysts. Foster a collaborative and high-performance culture within the team.

Required Knowledge, Skills, and Abilities

  • Expertise in developing and managing assessment and audit programs.

  • Experienced people manager.

  • Proven experience in managing ISO 27001 certification programs.

  • Strong understanding of ISO 27001 and NIST frameworks.

  • Excellent analytical, evaluative, and problem-solving abilities.

  • Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences.  

  • Ability to convey complex concepts through relatable stories and visual content.

  • Good collaboration and interpersonal skills.

  • Self-motivated and willing to take on challenges.

  • Ability to work independently while contributing to team goals and deliverables.

Required/Preferred Education and Licenses

  • Bachelor's degree in Information Security, Computer Science, or related field.

  • Minimum of 7+ years of experience in security compliance, information security, or related role with management experience.

  • Relevant certifications such as CISA, CISSP, CISM are preferred.

Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law.

FOR US BASED CANDIDATES ONLY
 

Jazz Pharmaceuticals, Inc. is committed to fair and equitable compensation practices and we strive to provide employees with total compensation packages that are market competitive. For this role, the full and complete base pay range is:

$137,600.00 - $206,400.00

Individual compensation paid within this range will depend on many factors, including qualifications, skills, relevant experience, job knowledge, and other pertinent factors. The goal is to ensure fair and competitive compensation aligned with the candidate's expertise and contributions, within the established pay framework and our Total Compensation philosophy. Internal equity considerations will also influence individual base pay decisions. This range will be reviewed on a regular basis.

At Jazz, your base pay is only one part of your total compensation package. The successful candidate may also be eligible for a discretionary annual cash bonus or incentive compensation (depending on the role), in accordance with the terms of the Company's Global Cash Bonus Plan or Incentive Compensation Plan, as well as discretionary equity grants in accordance with Jazz’s Long Term Equity Incentive Plan. 

The successful candidate will also be eligible to participate in various benefits offerings, including, but not limited to, medical, dental and vision insurance, 401k retirement savings plan, and flexible paid vacation. For more information on our Benefits offerings please click here: https://careers.jazzpharma.com/benefits.html


Tags: Audits CISA CISM CISSP Compliance Computer Science ISMS ISO 27001 NIST NIST Frameworks Privacy Security assessment SOX

Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex vacation Health care Insurance Salary bonus Startup environment

Regions: Remote/Anywhere North America
Country: United States
