Business Information Security Leader (BISL) - Hybrid - Bridgewater, NJ or Morrisville, NC

About The Position

Requirements

• Broad understanding of technologies and security strategies.
• Ability to effectively communicate to all levels within the organization.
• Understanding and adaptation to the ever-changing cybersecurity risk landscape.
• Experience in strategic solution design aligned to company-wide objectives.
• Experience embedding security into business strategy.
• Experience enabling secure product delivery.
• Experience as a security business partner to a business unit.
• Experience leading the development and evolution of security strategy for a sector.
• Experience ensuring alignment with shared business and security goals.
• Experience operating as a trusted member of a business-aligned leadership team.
• Experience maintaining strong functional alignment to a CISO.
• Experience ensuring security is integrated across the full product lifecycle.
• Experience advising on risk mitigation and avoidance strategies.
• Experience serving as a senior security advisor to leadership teams.
• Experience partnering across departments and teams globally.
• Experience aligning security priorities with business strategy, digital roadmaps, and regulatory requirements.
• Experience embedding security-by-design principles into planning and development processes.
• Experience informing security priorities with product team strategy & goals.
• Experience representing security requirements in governance forums.
• Experience providing senior-level accountability for security strategy.
• Experience maintaining visibility into aggregated cyber risk posture.
• Experience ensuring risk assessments are conducted for new and materially changed technologies.
• Experience serving as a security risk advisor, providing mitigation and remediation guidance.
• Experience tracking and highlighting risk treatment plans progress.
• Experience providing formal risk posture reporting.
• Experience escalating roadblocks inhibiting timely mitigation or closure of risks.
• Experience preventing unmanaged technology risk proliferation.
• Experience exercising senior decision authority for cybersecurity and technology risk matters.
• Experience participating in business demand and portfolio review processes.
• Experience ensuring projects receive appropriate security requirements and technical guidance.
• Experience driving early involvement of regulatory, privacy, and compliance subject matter experts.
• Experience monitoring and driving adherence to enterprise security standards and architectural patterns.
• Experience ensuring adherence to security policies, standards, and regulatory requirements.
• Experience partnering with Compliance, Privacy, Legal and other Risk functions.
• Experience supporting security-related audits, regulatory inquiries, and remediation activities.
• Experience representing a business unit in enterprise security, risk, and compliance governance forums.
• Experience supporting security investigations and post-incident reviews.
• Experience driving business engagement in continuity and disaster recovery planning.
• Experience promoting a culture of secure behavior and accountability.
• Experience cascading and tailoring security communications and awareness.
• Experience translating complex security risks into business-relevant language.
• Experience providing executive-ready reporting and risk insights.
• Experience influencing decision-making through data-driven risk transparency.
• Experience providing strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders.

Nice To Haves

• Experience with Novel FDA Approved Drugs.
• Experience with EMA Authorized Products.
• Experience with Clinical Trials.
• Experience with Sites and Trial Patients.

Responsibilities

• Serve as the senior security advisor to the assigned business-aligned STS leadership team.
• Partner across all departments and teams globally within the assigned business unit.
• Align security priorities with STS business strategy, digital roadmaps, and regulatory requirements.
• Embed security-by-design principles into portfolio planning, demand intake and product development processes.
• Inform Information Security priorities with STS product team strategy & goals.
• Represent security requirements in portfolio governance forums.
• Provide senior level accountability for the business unit security strategy, ensuring consistent direction, prioritization, and alignment with company wide objectives while maintaining strong partnership with the CISO.
• Maintain visibility into the aggregated cyber risk posture of the assigned business unit.
• Ensure risk assessments are conducted, partnering with the Risk Management function, for new and materially changed technologies.
• Serve as a security risk advisor to business-aligned STS leadership, provide mitigation and remediation guidance, track and highlight risk treatment plans progress.
• Provide formal risk posture reporting to STS leadership on a defined cadence.
• Escalate roadblocks inhibiting timely mitigation or closure of risks.
• Prevent unmanaged technology risk proliferation.
• Exercise senior decision authority for cybersecurity and technology risk matters within the Business Unit, including oversight of risk acceptance, escalation to enterprise forums, and long-term risk posture considerations.
• Participate in business demand and portfolio review processes to ensure early security engagement.
• Ensure projects receive appropriate security requirements and technical guidance.
• Drive early involvement of regulatory, privacy, and compliance subject matter experts.
• Monitor and drive adherence to enterprise security standards and architectural patterns.
• Deliver strategic solution design aligned to company-wide objectives.
• Ensure business unit adherence to security policies, standards, and regulatory requirements (e.g., Privacy, SOX, GxP as applicable).
• Partner with Compliance, Privacy, Legal and other Risk functions to address control gaps.
• Partner with CISO subject matter experts to support security-related audits, regulatory inquiries, and remediation activities.
• Represent the business unit in enterprise security, risk, and compliance governance forums, providing senior-level input on regulatory risk and remediation priorities.
• Support security investigations and post-incident reviews, providing senior oversight and accountability for remediation outcomes and systemic improvements.
• Drive business engagement in continuity and disaster recovery planning.
• Ensure lessons learned are incorporated into control improvements and architecture patterns.
• Promote a culture of secure behavior and accountability.
• Cascade and tailor security communications and awareness for maximum business unit impact.
• Translate complex security risks into business-relevant language.
• Provide periodic executive-ready reporting and risk insights.
• Influence decision-making through data-driven risk transparency.
• Provide strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders within the Business Unit, enabling consistent execution in a complex, matrixed environment.

Benefits

• Company car or car allowance
• Health benefits to include Medical, Dental and Vision
• Company match 401k
• Eligibility to participate in Employee Stock Purchase Plan
• Eligibility to earn commissions/bonus based on company and individual performance
• Flexible paid time off (PTO) and sick time