Information Security Manager
Z's Associates, Inc

Job Info

---

ZS is a place where passion changes lives. As a management consulting and technology firm focused on transforming global healthcare and beyond, our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping solutions from start to finish. At ZS, we believe that making an impact demands a different approach; and that's why here your ideas elevate actions, and here you'll have the freedom to define your own path and pursue cutting-edge work. We partner collaboratively with our clients to develop products that create value and deliver company results across critical areas of their business including portfolio strategy, customer insights, research and development, operational and technology transformation, marketing strategy and many more. If you dare to think differently, join us, and find a path where your passion can change lives.

Our most valuable asset is our people.

At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and

make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Learn more

ZS's Information Security Centre of Excellence is an integrated part of the ZS' CISO's office that is responsible for driving across organizational effectiveness and excellence for information security programs across the firm globally which further enables ZS team to deliver secure results to our clients.

We are currently seeking applicants for the position of Manager - Information Security Centre of Excellence to join our US office and act as a Business Information Security Officer (BISO) for assigned client accounts / domains reporting to the Director of Information Security CoE. The position will support various management directed initiatives which include following job requirements:

Responsibilities:

• Work closely with Business, Client (as applicable), Information Security, IT and Project teams for thorough understanding of business and client security requirements and coordinate secure business enabling solutions.
• Build and maintain effective relationship with Business, Client, IT and Information Security stakeholders. Be the voice of Information Security for business teams & clients and the voice of the business & clients within Information Security.
• Own and communicate the account level roadmap for Information security aligned with ZS' risk appetite and overall Information Security roadmap, identifying and resolving applicable implementation level risks and issues.
• Facilitate planning, introduction, delivery of account level Information Security support and initiatives, like:
  • Coordinate internal and client required compliance activities, security audits, point services like 3rd party vulnerability assessments, client's security questionnaires, etc.
  • Drive security capability / maturity improvement, security awareness and education
  • Secure architecture design and implementation of processes
  • Contribute to cyber resilience strategy and response (as applicable)
• Ensure that ZS and Client's security policy compliance is appropriate managed within assigned domain / account
  Share knowledge and expertise of in-country (or regional) cybersecurity policy and regulatory environment with key stakeholders and clients
• Support the broader Information Security team in maintaining cybersecurity hygiene and seek opportunities to enhance and improve security of Information involved in assigned domain and/or account.
• Provide senior account and organizational leadership with accurate assessments of our security posture and progress on industry standard frameworks on an ongoing basis.
• Educate stakeholders on cybersecurity-related matters in an effort to increase awareness and improve culture

Basic Qualifications (Required Skills & Experience):

• 10+ years in a similar role in a large international organization
• Proven experience working in risk management, governance, and regulatory requirements related to cybersecurity with a specific focus on business outcomes and service delivery.
• Confident, energetic self-starter with strong written and oral communication skills, and a focus on translating technically complex issues into simple, easy to understand concepts
• Ability to bring key stakeholders together to rapidly and collaboratively achieve consensus on priorities and path forward to work tasks and projects
• Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• A good understanding of Security frameworks including NIST, SANs, COBIT, CIS, ISO 27001, etc. Familiarity with US, Global healthcare and pharma specific data, cybersecurity regulatory requirements.
• Proven work experience with multinational enterprises.
• Bachelor's degree in a related discipline and professional certification (CISSP, CPA, CIA, CISA, CISM, CRISC or similar)

Preferred Qualifications (Desired Skills/Experience):

• Work experience with Healthcare and Pharma organization involving IT and Security functions.
• Knowledge and experienced working with security frameworks, assessments
• Familiarity with security controls and services on endpoint devices, in-house and commercial applications, Window and Linux servers, and infrastructure network devices
• Effective analytical skills with an ability to identify and resolve issues
• Tolerant of ambiguity and the flexibility to work well in a dynamic environment
• High attention to detail, self-starter, results driven
• CISSP, Security+ or other cybersecurity certifications
• Project management, team lead experience
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS)

Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.

We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact in global healthcare and beyond. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.

ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.

To Complete Your Application:
Candidates must possess or be able to obtain work authorization for their intended country of employment.

ZS is committed to providing and maintaining a safe workplace. Must have received full COVID-19 vaccination by date of hire to be considered. Proof of vaccination will be required upon acceptance of offer of employment. Exemption process available on a limited basis.

NO AGENCY CALLS, PLEASE.

Find Out More At:
www.zs.com

#LI-CA1

This job has expired.