Business Information Security Leader (BISL) - Hybrid - Bridgewater, NJ or Morrisville, NC

About The Position

Requirements

• Broad understanding of technologies and security strategies.
• Ability to effectively communicate to all levels within the organization.
• Ensure security is integrated across the full product lifecycle.
• Balance risk, regulatory requirements, and operational objectives.
• Adapt to the ever-changing cybersecurity risk landscape.
• Advise on risk mitigation and avoidance strategies.
• Partner with Risk Management function for risk assessments.
• Provide mitigation and remediation guidance.
• Track and highlight risk treatment plans progress.
• Provide formal risk posture reporting.
• Escalate roadblocks inhibiting timely mitigation or closure of risks.
• Prevent unmanaged technology risk proliferation.
• Exercise senior decision authority for cybersecurity and technology risk matters.
• Oversee risk acceptance, escalation to enterprise forums, and long-term risk posture considerations.
• Ensure early security engagement in business demand and portfolio review processes.
• Ensure projects receive appropriate security requirements and technical guidance.
• Drive early involvement of regulatory, privacy, and compliance subject matter experts.
• Monitor and drive adherence to enterprise security standards and architectural patterns.
• Deliver strategic solution design aligned to company-wide objectives.
• Ensure business unit adherence to security policies, standards, and regulatory requirements (e.g., Privacy, SOX, GxP as applicable).
• Partner with Compliance, Privacy, Legal and other Risk functions to address control gaps.
• Partner with CISO subject matter experts to support security-related audits, regulatory inquiries, and remediation activities.
• Represent the business unit in enterprise security, risk, and compliance governance forums.
• Support security investigations and post-incident reviews.
• Provide senior oversight and accountability for remediation outcomes and systemic improvements.
• Drive business engagement in continuity and disaster recovery planning.
• Ensure lessons learned are incorporated into control improvements and architecture patterns.
• Promote a culture of secure behavior and accountability.
• Cascade and tailor security communications and awareness for maximum business unit impact.
• Translate complex security risks into business-relevant language.
• Provide periodic executive-ready reporting and risk insights.
• Influence decision-making through data-driven risk transparency.
• Provide strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders within the Business Unit.

Nice To Haves

• Experience in a life sciences services organization.
• Experience with drug development and commercialization.

Responsibilities

• Serve as the senior security advisor to the assigned business-aligned STS leadership team.
• Partner across all departments and teams globally within the assigned business unit.
• Align security priorities with STS business strategy, digital roadmaps, and regulatory requirements.
• Embed security-by-design principles into portfolio planning, demand intake and product development processes.
• Inform Information Security priorities with STS product team strategy & goals.
• Represent security requirements in portfolio governance forums.
• Provide senior level accountability for the business unit security strategy, ensuring consistent direction, prioritization, and alignment with company wide objectives while maintaining strong partnership with the CISO.
• Maintain visibility into the aggregated cyber risk posture of the assigned business unit.
• Ensure risk assessments are conducted, partnering with the Risk Management function, for new and materially changed technologies.
• Serve as a security risk advisor to business-aligned STS leadership, provide mitigation and remediation guidance, track and highlight risk treatment plans progress.
• Provide formal risk posture reporting to STS leadership on a defined cadence.
• Escalate roadblocks inhibiting timely mitigation or closure of risks.
• Prevent unmanaged technology risk proliferation.
• Exercise senior decision authority for cybersecurity and technology risk matters within the Business Unit, including oversight of risk acceptance, escalation to enterprise forums, and long-term risk posture considerations.
• Participate in business demand and portfolio review processes to ensure early security engagement.
• Ensure projects receive appropriate security requirements and technical guidance.
• Drive early involvement of regulatory, privacy, and compliance subject matter experts.
• Monitor and drive adherence to enterprise security standards and architectural patterns.
• Deliver strategic solution design aligned to company-wide objectives.
• Ensure business unit adherence to security policies, standards, and regulatory requirements (e.g., Privacy, SOX, GxP as applicable).
• Partner with Compliance, Privacy, Legal and other Risk functions to address control gaps.
• Partner with CISO subject matter experts to support security-related audits, regulatory inquiries, and remediation activities.
• Represent the business unit in enterprise security, risk, and compliance governance forums, providing senior-level input on regulatory risk and remediation priorities.
• Support security investigations and post-incident reviews, providing senior oversight and accountability for remediation outcomes and systemic improvements.
• Drive business engagement in continuity and disaster recovery planning.
• Ensure lessons learned are incorporated into control improvements and architecture patterns.
• Promote a culture of secure behavior and accountability.
• Cascade and tailor security communications and awareness for maximum business unit impact.
• Translate complex security risks into business-relevant language.
• Provide periodic executive-ready reporting and risk insights.
• Influence decision-making through data-driven risk transparency.
• Provide strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders within the Business Unit, enabling consistent execution in a complex, matrixed environment.

Benefits

• Company car or car allowance
• Medical, Dental and Vision insurance
• Company match 401k
• Eligibility to participate in Employee Stock Purchase Plan
• Eligibility to earn commissions/bonus based on company and individual performance
• Flexible paid time off (PTO) and sick time