Service Delivery Manager, lT Security Risk and Governance

We are seeking a Service Delivery Manager for the IT security risk and governance risk monitoring program.  You will lead the oversight and delivery of the Policy Exception and Risk Register processes. You also collaborate with all areas of the business to help run the company’s security risk profile. You will also share relevant data about risk to allow senior management and business partners to make strategic decisions.

In this role, a typical day might include the following:

• Serve as an information security domain expert for a pharmaceutical company in a fast–paced, demanding environment.
• Work with all areas of the business to identify, handle and remediate risk.
• Develop, design, and maintain a maturity path for risk operations program.
• Influence security risk strategic plan and roadmaps. 
• Drive a stronger culture of risk ownership, accountability, and awareness across the company.
• Optimize and automate risk metrics, dashboards, and reporting to enhance the programs data analytics and executive awareness.
• Perform information security assessments across a variety of platforms and applications. Assist with the implementation and operation of Governance Risk and Compliance (GRC) tooling to further improve and automate our risk management processes. Collaborate with SMEs, including Audit & Compliance teams, to ensure adequate security controls are in place to manage risk and are aligned with leading standard methodologies.
• Assess program security progress, support program briefs, and coordinate and compile program security documentation for various consumers.  Interact with IT PMO to support technical audits.

This job might be for you if:

• You have a passion for articulating vision, championing and leading change, as well as achieving high quality results.
• With your sleeves rolled up, you work on current problems while thinking of future solutions.
• You have the demonstrated ability to effectively organize and motivate diverse teams.
• You have experience commanding status meetings, establishing sense of urgency, empowering escalations, and ensuring accountability for deliverables.
• You have a collaborative agile approach to drive creative and efficient use of technology and thrive in a team environment.
• You are a critical problem solver, detailed oriented, and highly motivated self-starter with a passion for constant learning & improvement.

To be considered for this role, you must have a Bachelor’s degree in a related field with at least 6 years of experience building or operating programs to mitigate risks around security, confidentiality, integrity and availability. Demonstrated success in a security / operational risk management team at a complex organization with a mature risk oversight function with direct experience in conducting and analyzing security risk assessments. Working knowledge of Risk Management platforms (direct work with Service Now Risk Platform is a plus). Demonstrated leadership in all aspects of information security risk management. Expertise in basics of IT services and Information Security foundational information. Understanding with technologies in most the following: Firewalls, IDS, IPS, proxy, cloud access and encryption, DMZ architecture, SIEM, logging, anti-virus/anti-malware, endpoint detection and response, host-based firewall, application whitelisting, file integrity monitoring, and data loss prevention. Experience in project management and delivering against IT implementation. Experience in a GxP or another regulated environment, preferred. Strong analytical and problem-solving skills. Knowledge in Security Foundational Frameworks; NIST 800-53, Cybersecurity Framework, CIS Standards and MITRE ATT&CK Framework, preferred. CISSP, CISM, CHE or equivalent, relevant certification from a recognized body (e.g., SANS, ISC2, ISACA).  If absent, certification must be attained no later than after one year of start date.

Does this sound like you? Apply now to take your first steps toward living the Regeneron Way! We have an inclusive and diverse culture that provides amazing benefits including health and wellness programs, fitness centers and stock for employees at all levels!

Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, nationality, national or ethnic origin, civil status, age, citizenship status, membership of the Traveler community, sexual orientation, disability, genetic information, familial status, marital or registered civil partnership status, pregnancy or maternity status, gender identity, gender reassignment, military or veteran status, or any other protected characteristic in accordance with applicable laws and regulations. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application process. Please contact us to discuss any accommodations you think you may need.