Senior Analyst, Security Governance, Risk, and Compliance (Remote)

Jazz Pharmaceuticals is seeking an experienced Senior Analyst in Security Governance, Risk, and Compliance. The Senior Analyst will help support the global oversight of the company's Security Governance, Risk, and Compliance program.

We welcome an innovative individual that embraces challenges and offers creative solutions. This Senior Analyst is expected to possess strong process management and communication skills, and subject matter expertise.

Essential Functions/Responsibilities:

• Support information security risk management programs

• Be the advocate for information security risk management, engage with stakeholders, support the identification of security risks and risk exceptions to treatment

• Ensure identified security risks impacting the company are effectively evaluated and communicated

• Collaborate with stakeholders on remediation and risk mitigation activities, including formulating remediation plans, tracking and progress of action plans across compliance, policy, and process gap remediation activities and risk mitigation activities in partnership with internal business partners

• Manage dashboards that deliver practical, meaningful security risk metrics to internal and external stakeholders

• Coordinate and participate in technical design, process reviews, and support stakeholders in risk identification

• Assist in building a security-focused culture through partnership and collaboration with the business, information services, and other risk-related (e.g., Quality, Legal, Compliance, etc.) teams to deliver value and improve the security posture of Jazz

• Drive Security Compliance through a quantitative risk framework

• Conduct and automate gap assessments for IaaS, PaaS and SaaS

• Drive Security Compliance visibility

• Support a security advocacy program

Required Knowledge, Skills, and Abilities:

• A minimum of 3-5 years' experience supporting security (technical and non-technical) risks

• Excellent written and verbal communication skills; ability to convey security concepts to technical and non-technical audiences (e.g. senior and executive management, internal customers)

• Ability to articulate and demonstrate a risk-relevant approach for Information Security Risk Management

• Understanding and experience with IT Systems, Network Security Concepts, Cloud Security concepts, Virtualization, Threat and Vulnerability Management, Application Security, etc

• Ongoing familiarity with emerging and prevalent technologies and IT systems

• Strong analytical, risk-based problem solving and critical thinking skills and the ability to support decisions that balance Information security while also enabling business objectives

• Ability to influence and build strong relationships across IT and the business

• Ability to work independently on assigned tasks with minimal direction and/or supervision

• Previous experience in Security Governance and Compliance.

• Familiarity with Security Risk Frameworks such as FAIR, OCTAVE or CRAMM

• Solid understanding and experience with securing IaaS, PaaS and SaaS

• Understanding of secure code development frameworks and practices

• Healthcare or pharmaceutical experience preferred

Required/Preferred Education and Licenses:

• Security certifications are a strong plus (CISA, CISSP, CRISC, CISM or equivalent)

• Demonstrated ability to collaborate with technical and non-technical teams

• Experience in working in a global cross-functional project team, along with strong technical expertise preferred

• Experience in automation

• Experience in security frameworks such as ISO 27001, 27002, 27005; NIST

• Bachelor's degree preferred

• #remote