The highlights of the position are:
Job Title: Senior Manager, Information Technology Security & Compliance
Location: Onsite, Plano, TX - 75023 / Hybrid Model
Duration: Full Time Permanent
As a member of the IT team, the Sr. Manager, IT Security & Compliance is responsible for enterprise information security and compliance with regulatory authorities and other standards entities, including but not limited to SOX, FDA pharmaceutical industry validation (GXP) and 21 CFR Part 11, HIPAA, EU data privacy (GDPR), NIST Cyber Security Framework (CSF), etc.
- Develop and grow an enterprise cyber security program with appropriate IT policies, procedures, and controls leveraging established industry standards and best practices such as the NIST Cyber Security Framework (CSF) and Center for Internet Security (CIS) and effective threat management strategies to counter a dynamic, ever-evolving cyber threat landscape
- Collaborate with various internal and external technical partners to identify, select, and implement cyber defense tools and business continuity capabilities
- Develop and grow the cyber security practice in three principal segments:
  - IT operations (incident planning/response and monitoring)
  - Security engineering (systems integrations and development)
  - Governance and Compliance (see below)
- Develop and grow a cyber security awareness program that engenders a strong cyber security awareness culture, mitigating the human threat vector
- Demonstrate the effectiveness and maturity of the security program through KPIs and metrics in Executive and operational dashboards; conduct quarterly and annual Cybersecurity Business Reviews (CBR)
- Collaborate with technical and non-technical partners to ensure policies, procedures, work instructions, and practices are compliant with various regulatory authorities including but not limited to SOX, FDA pharmaceutical industry validation (GXP) and 21 CFR Part 11, HIPAA, EU data privacy (GDPR), NIST Cyber Security Framework (CSF), etc.
- Oversee and manage the Identity governance platform (SailPoint) including access certification, requests, and provisioning
- Manage the Change Control Board (CCB) and all related lifecycle changes to systems to ensure effective controls and compliance
- Lead and advise on system validation practices for all GXP systems
- Ensure the timely collection and reporting of evidentiary documentation to satisfy compliance requirements of various regulations, notably SOX and GDPR
- Primary interface with internal and external auditors on all IT systems, policies, and procedures
- Responsible for timely delivery of project initiatives achieved through experience-driven vision and planning skills and effective external vendor management.
- Responsible for the governance and oversight of managed service providers performing outsourced information security and compliance operational activities
- Demonstrate commitment and support for company goals, objectives, and procedures
- Represent Client by developing collaborative relationships with site personnel, colleagues, partners, and vendors
- Demonstrate professionalism and adherence to moral, ethical, and quality principles
- Participate in corporate and departmental meetings
- Comply with applicable regulations, GXP and corporate policies and procedures
- 4-year bachelor’s degree and a minimum of 6-8 years of cyber security and compliance experience with increasing responsibilities; Bio-Pharma industry experience highly desired
- Strong background in leading IT managed services to recommend and oversee integrated IT security and compliance operations.
- Experience with developing and auditing comprehensive IT security controls, NIST Cyber Security Framework (CSF) and COBIT, including familiarity with the OSI technology stack
- Experience with implementation of effective business contingency & continuity strategies
- Experience working with third-party security vendors, SOC, penetration testers, auditors, etc.
- Experience building an enterprise and effective cyber security awareness program in a metrics-based setting
- Security certifications highly desired: CISSP, CEH, Security+, CISA, Cloud+
- A “hands-on” self-starter with managerial / leadership experience and a demonstrated ability to interact with technical and non-technical staff, various levels of management, and external parties to accomplish goals and objectives
- Demonstrated ability to anticipate, proactively respond to trends and/or shifts in the external environment (e.g., regulatory, vendor relationships, industry standards)
- Self-motivated, proactive team player and collaborator.
If you believe that you are well qualified for this position and are currently in the job market, or interested in making a change, please do give me a call or reply to this email. When responding, please include your direct phone number, so that I may revert back to you promptly.
If this is your first exposure to Park Computer Systems, you can check us out at http://www.parkcom.com
Thank you for your time, and looking forward to a timely response from you
Thanks & Regards
510.330.5164 (Direct) | 510.575.0257 (C)
Park Computer Systems, Inc.