Jazz Pharmaceuticals

  • Senior Manager, Information Security- Governance Risk and Compliance.

    Job Locations US-CA-Palo Alto
    Posted Date 6 months ago(8/20/2018 11:53 AM)
    Job ID
    # of Openings
  • Overview

    Jazz Pharmaceuticals is an international biopharmaceutical company focused on improving patients’ lives by identifying, developing and commercializing meaningful products that address unmet medical needs. We are continuing to expand our commercial product portfolio and our research and development pipeline in therapeutic areas that can leverage our unique expertise.

    Our therapeutic areas of focus include sleep and hematology/oncology – areas in which we have a deep understanding of the patient journey and a suite of products and product candidates to address critical needs.

    We are looking for the best and brightest talent to join our team.  If you’re looking to be a part of a company with an unwavering commitment to improving patients’ lives and being a great place to work, we hope you’ll explore our career openings and get to know Jazz Pharmaceuticals. 

    Position Profile

    Position Profile

    Jazz Pharmaceuticals is looking for an experienced cybersecurity professional with proven skills for recommending security measures based upon a company’s unique risk profile and heavy dependence on 3rd party vendors and partners. This IT Security team member will be responsible for assessing and managing the 3rd party security risks of our business.

    This individual will be a hands-on contributor with oversight of our cybersecurity risk due to 3rd party partners while also having a contributory role to other cyber security projects and operations.

    This position will possess a work style that promotes progress through collaborative teamwork in a dynamic environment.  Ultimately this individual is responsible for assessing, designing and implementing security controls to help protect the Company.

    Job Responsibilities and Requirements:

    This person will combine past experiences and expertise with industry trends and best practices to bring rigor and repeatability into system & platform security in partnership with 3rd parties.  He/she will help mature the discipline of cybersecurity best practices and will evangelize the value of such discipline to the broader IT organization. 

    Specifically this role will be responsible for the following:

    • Develop, publish, maintain, and enforce comprehensive organization-wide information security risk assessment framework, plans, policies, procedures, guidelines and controls that are aligned with the organization’s business needs
    • Evangelize and Provide SME knowledge of Information policies, guidance and procedures to the rest of the Jazz Pharmaceuticals Team
    • Develop and Provide regular Information Security Reports including KRIs, KPIs & KCIs
    • Support and Manage Action Plans including exceptions to closure; including working with Risk owners to develop sustainable action plans that address technology, process and organizational risk areas.
    • Provide technical assistance in evaluating, developing and executing Risk-related Action Plans that meet business requirements and are sustainable
    • Manage relationships and relevant information sharing with members of the Information Security Team, broader IT Team as well as Lines of Business
    • Act as an internal consultant within IT and business groups for Information Security Risk Assessments
    • Help develop an effective Information Security Strategy by aligning Risk Management & Information Security Governance efforts with Information Security Technology Strategy and Information Security Threats
    • Perform security audits and assessments of internal systems and third parties and recommend actions to mitigate risks through a review of efficiency, effectiveness and compliance of operational and security policies, processes and practices.
    • Perform technical security assessment of solutions and recommend/review security designs and controls
    • Oversee and perform operational execution of the third party cyber risk management processes
    • Provide written and verbal reports of audit findings and assessment observations.
    • Act as primary trusted security advisor on projects to ensure that information security risks are managed and risk assessment process is followed including when interacting with 3rd parties
    • Support periodic audit activities as they relate to the IT cyber security domain (e.g., quarterly SOX audits for privileged access, GxP audits for information integrity, security and availability)
    • Maintain broad understanding of emerging security technologies and their relevance/applicability to our organization especially as they relate to 3rd party partners
    • Provide hands-on security expertise during design, development, implementation and testing of solutions for integrating new technologies.
    • Ensure security coherence across the services developed by our engineering and application teams, as well as encouraging security best practices
    • Provide clear direction and mobilize others to take action on priorities


    • Excellent written and verbal communication skills; ability to convey security concepts to non-technical audiences (e.g. senior and executive management, internal customers)
    • Demonstrate a firm understanding of 3rd party vendor and technology assessment frameworks and have performed assessments historically
    • Possess advanced interview skills to tailor the types of questions based on responses provided by internal business partners and vendors
    • Demonstrate an understanding of business processes, external control risk management, IT controls, and how they interact together
    • Understand cyber security technology sufficiently to perform technology assessments.  Example technology domains would be access management, network security, vulnerability management and physical security, etc.
    • At least 7 years of relevant IT Security experience and one or more relevant certifications (i.e. CISSP, CISM, CCSK)
    • Experience with implementing security controls
    • Working knowledge of industry standards – NIST Cyber Security Framework, NIST SP 800-53, ISO 27001/2, Cloud Security Alliance or Privacy Shield
    • Experience with assessing cloud Cybersecurity, leading global cross functional project teams, access control operations along with strong technical expertise are highly desirable
    • Must have strong analytical, problem solving and critical thinking skills and the ability to support decisions that balance Cybersecurity with ease-of-use
    • A demonstrated service delivery mind-set with experience in implementing results orientated service delivery initiatives
    • Demonstrated experience leading security project through influence, collaboration, and coalition-building; and very comfortable in situations requiring constrained creativity to insure we are securing business systems and data
    • Strong presentation and communication skills with ability to engage and influence senior level staff
    • Demonstrated vendor relationship management skills, with the ability to build strong rapport.
    • Self-starter that understands and owns every vital detail as second nature

    Additional Valuable Skills and Certifications:

    • Pharmaceutical industry experience
    • Working in environments with high adoption of Cloud technologies
    • Experience in business of rapid change
    • CISSP, CISM, CISA, CRISC Certifications.

    Jazz Pharmaceuticals is an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any characteristic protected by law.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Coming Soon!!