VP, Chief Information Security Office; CISO Remote

Position: VP, Chief Information Security Office (CISO) Remote VP, Chief Information Security Office (CISO) Remote Location: US Gaithersburg, MD, 20879 (Gaithersburg, MD, US, 20879) We go where others won’t, taking on some of the biggest public health challenges to protect and enhance millions of lives, and create a better, more secure world. Here, you will join passionate professionals who advance their scientific, technical and professional skills to develop products designed‑to protect and enhance life. I: Job Summary Reporting to the CIO, the VP/CISO, will provide strategic and tactical leadership of global information security, disaster recovery, IT risk management, computer systems validation and compliance programs for the enterprise. He/she will establish and evolve the Information Security strategy & roadmaps to meet or exceed all regulatory agencies, government, client partnerships and compliance mandates utilizing a standard risk‑based framework that can provide consistent & repeatable practices. This leader will drive the technology and architectural direction including awareness programs that enables effective & lean delivery across the business & IT organizations that achieves cost optimization, quality improvement, bottom‑line results while protecting and enabling the business from the evolving security threat landscape. The individual seeking this opportunity will be a strong thought & people leader with excellent communication skills that allow complex security concepts & risk topics to be translated to reach diverse levels in the organization at the appropriate pace & speed. This person is the key liaison and therefore must be an excellent collaborator across multiple disciplines including: business stakeholders, executive level technology risk areas, regulatory agencies, compliance partners & the Board of Directors. II: Responsibilities • Sets the vision, strategy & direction for the development & implementation of comprehensive information security, disaster recovery, IT risk management & compliance programs. • Own Board of Directors & Executive level communication and interaction including consulting, understanding of business strategies and translating complex information security threats, risks & programs into achievable, sustainable and innovative technology solutions, capability maturity roadmaps. • Develop and deliver a tiered security dashboard appropriate for each level of cybersecurity governance. Proactively identify problems, measure progress and continuously improve cybersecurity operations. • Create & lead the development of an enterprise Information security awareness program to ensure compliance & that the organization understands the trade‑off between risk and return. • Understand and translate the trade‑offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments. • Leads team to successfully implement security standards, procedures & guidelines for the enterprise as well as reporting security performance against established security metrics. • Ensures and monitors security compliance with industry and government rules and regulations. (e.g., GDPR, HIPAA, ISO 27001, SEC) • Build, develop and retain cybersecurity talent. Support employees in their career development by providing guidance on career paths, opportunities for advancement, and skill development. Develop and implement initiatives to enhance employee engagement, satisfaction, and retention. • Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture. • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. • Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. • Set the vision, strategy, and direction for the organization incident response management program. Integrate with the business continuity and crisis management programs. • Provide leadership of the IT Computer Systems Validation (CSV) team responsibilities and accountabilities. • Provide strong… Apply tot his job