IQVIA™ is the leading human data science company focused on helping healthcare clients find unparalleled insights and better solutions for patients. Formed through the merger of IMS Health and Quintiles, IQVIA offers a broad range of solutions that harness the power of healthcare data, domain expertise, transformative technology, and advanced analytics to drive healthcare forward.
The Senior Information Security Analyst role presents a dynamic opportunity to help the organization ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through support and contribution to the delivery of a global information security program. This role is key to our Information Security team and will provide an excellent opportunity to liaise with key internal and external stakeholders while strengthening our Information Security risk management function.
The Senior Information Security Analyst will provide support and contribute to success of information security risk management workstreams by responding to business requests, resolving queries related to information security, and taking part in risk assessments, while assisting in identifying and responding to attempted efforts to compromise systems security within IQVIA.
The Senior Information Security Analyst will also work together with other members of the IQVIA Information Security team, and liaising regularly with other management teams at IQVIA.
Principal responsibilities will include:
• Perform risk assessments of new and existing vendors, products/systems/applications, and services to identify and report on their information security posture, including identification of gaps and recommended mitigation actions
• Communicate and report assessment results inclusive of recommendations for mitigation activities and overall risk rating
• Identify opportunities to improve risk posture, designing security controls for remediating or mitigating risks, and assessing the residual risk
• Generate responses to internal and external client questions, queries, and audits related to information security posture in support of sales opportunities, customer audits, or other stakeholders across the global organization
• Conduct reviews of contractual clauses related to information security in third-party agreements with clients or suppliers
• Support identification and assessment of information security events, including alerts, incidents, data breaches and emerging risks
• Provide information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems
• Assist IQVIA project teams in assessing information security risks pertaining to the respective project scope and recommend suitable risk mitigation plans
Required skills and experience:
• Significant professional experience in Information Security, Risk Management, IT Controls, IT Audit, or other related area
• Proven knowledge of information security concepts and best practices, as well as ability to apply these concepts to business scenarios
• Experience in risk assessments, information security controls, information security architecture, network security, information security governance
• Project management skills, especially those learned in a cross-functional environment
• Knowledge of IT infrastructure, networks, databases, processing systems, web applications, and mobile technology. Previous information technology related work experience is an advantage
• High level of accountability and ability to execute; familiar with estimating and planning own work effort including recognizing and escalating risks and issues in relation to delivery; attention to detail
• Ability to effectively influence and educate business partners when necessary to help bridge gaps in understanding while maintaining good working relationships
• Strong oral and written communication skills, excellent team player and collaborator
• Commitment to ongoing professional development
• Working knowledge of IT governance frameworks and standards such as CobiT, ITIL, ISO27001
• PC proficiency, including MS Word, Excel, Power Point, and Outlook
• Bachelor's degree in information security, computer science, or information technology
• A CISSP, CISM, CISA, or equivalent professional certificate is preferred
• An ITIL or project management certificates are not required but beneficial
Making a positive impact on human health takes insight, curiosity, and intellectual courage. It takes brave minds, pushing the boundaries to transform healthcare. Regardless of your role, you will have the opportunity to play an important part in helping our clients drive healthcare forward and ultimately improve outcomes for patients.
Forge a career with greater purpose, make an impact, and never stop learning.
Job ID: R1055523