Director - GRC Business Risk Liaison (BISO)
US - California - Thousand Oaks - Field/Remote, United States
Amgen
Amgen is committed to unlocking the potential of biology for patients suffering from serious illnesses by discovering, developing, manufacturing and delivering innovative human therapeutics.
Career Category
Information Systems
Job Description
Join Amgen’s Mission of Serving Patients
At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do.
Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas – Oncology, Inflammation, General Medicine, and Rare Disease – we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller, happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lie within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
What you will do
Let’s do this. Let’s change the world. In this vital role you will be responsible for aligning the information security strategy with the business objectives of the organization. You will serve as the key liaison between business units and the corporate information security team, ensuring that security policies, standards, and best practices are effectively integrated into business processes. This role requires a good balance of technical expertise, business acumen, and leadership capabilities to manage security risks while enabling business operations.
Key Responsibilities:
- Act as the main point of contact for information security within assigned business units, ensuring alignment with enterprise security policies and risk management strategies.
- Develop and implement security programs tailored to the specific needs of business operations, in collaboration with corporate security teams.
- Assess and manage information security risks, working actively with stakeholders to mitigate potential threats.
- Collaborate with IT, compliance, legal, and risk management teams to ensure regulatory and industry-specific security requirements are met.
- Conduct security assessments, audits, and compliance reviews to identify vulnerabilities and recommend remediation strategies.
- Facilitate security awareness and training programs to enhance security culture within the organization.
- Monitor security incidents, coordinate response efforts, and provide recommendations for incident prevention.
- Work with third-party vendors, partners, and suppliers to ensure security controls align with organizational requirements.
- Stay updated on emerging cybersecurity threats, trends, and best practices, counseling leadership on potential impacts to business operations.
- Develop metrics and reporting mechanisms to communicate security risks and compliance status to business partners.
What we expect of you
We are all different, yet we all use our unique contributions to serve patients. The GRC professional we seek is a problem solver with these qualifications.
Basic Qualifications:
Doctorate degree and 4 years of information security or risk management experience
Or
Master’s degree and 8 years of information security or risk management experience
Or
Bachelor’s degree and 10 years of information security or risk management experience
In addition to meeting at least one of the above requirements, you must have at least 4 years of experience directly managing people and/or leadership experience leading teams, projects, programs, or directing the allocation of resources. Your managerial experience may run concurrently with the required technical experience referenced above.
Preferred Qualifications:
- Industry certifications: Certified Information Security Manager (CISM), CompTIA Security, Certified Information Systems Security Professional (CISSP), SANS Global Information Assurance Certifications (GIAC)
- 7+ years of experience in information security, risk management, or a related field, with at least 3 years in a leadership or advisory role.
- Solid understanding of cybersecurity frameworks, including NIST, ISO 27001, and CIS Controls.
- Experience with regulatory compliance requirements such as GDPR, HIPAA, NIS2, or SOX.
- Demonstrated ability to work with business leaders to integrate security into business operations without compromising efficiency.
- Superb communication and stakeholder management skills, with the ability to convey complex security concepts to non-technical audiences.
- Strong analytical, problem-solving, and decision-making skills.
- Experience in managing security incidents and implementing risk mitigation strategies.
- Experience working in highly regulated industries such as finance, healthcare, or government.
- Familiarity with business continuity and disaster recovery planning.
- Ability to independently manage priorities and meet deadlines in a fast-paced, virtual team environment
- Technical curiosity with strong logical, problem solving, and decision-making skills
- Driven and thorough with the ability to deal with complexity and ambiguity
- Working experience in Agile / DevOps environment
- Must be team-oriented, placing priority on the successful completion of team goals
What you can expect of us
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way.
The expected annual salary range for this role in the U.S. (excluding Puerto Rico) is posted. Actual salary will vary based on several factors including but not limited to, relevant skills, experience, and qualifications.
In addition to the base salary, Amgen offers a Total Rewards Plan, based on eligibility, comprising health and welfare plans for staff and eligible dependents, financial plans with opportunities to save towards retirement or other goals, work/life balance, and career development opportunities that may include:
- A comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
- A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan
- Stock-based long-term incentives
- Award-winning time-off plans
- Flexible work models, including remote and hybrid work arrangements, where possible
Apply now and make a lasting impact with the Amgen team.
careers.amgen.com
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Application deadline
Amgen does not have an application deadline for this position; we will continue accepting applications until we receive a sufficient number or select a candidate for the position.
As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Salary Range
183,028.00 USD - 219,674.00 USD
Tags: Agile, Audits, BISO, CISM, CISSP, Compliance, CompTIA, DevOps, Finance, GDPR, GIAC, HIPAA, ISO 27001, NIS2, NIST, Risk management, SANS, Security assessment, Security strategy, SOX, Strategy, Vulnerabilities
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Insurance Salary bonus