Key Facts

Remote From:

Full time

Mid-level (2-5 years)

English

Hard Skills

Information Governance Cybersecurity Compliance Risk Management Security Technology Auditing Baseline Personnel Security Standard (BPSS) Risk Mitigation Information Systems Security Cyber Security General Data Protection Regulation (GDPR) Risk Analysis Security Log ISO/IEC 27000 Series Security Management Cross-Functional Collaboration Stakeholder Communications Presentation Training

Other Skills

•
Critical Thinking
•
Detail Oriented
•
Verbal Communication Skills
•
Problem Solving

Roles & Responsibilities

3-5 years of experience in information security, focusing on governance, risk, and compliance
Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field
Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementor
Familiarity with GDPR, NIST, NIS, ISO 27001, and other industry regulations and standards

Requirements:

Develop, implement, and maintain information security policies, standards, and procedures to ensure regulatory compliance and industry best practices
Identify, assess, and manage information security risks; conduct regular risk assessments and develop mitigation strategies
Ensure adherence to relevant laws, regulations, and standards (e.g., GDPR, NIST, NIS, ISO 27001) and conduct compliance assessments
Prepare and present regular information security status reports to management and the CISO; participate in client and internal audits and respond to security questionnaires

Parexel

Pharmaceuticals

About Parexel

Parexel is among the world’s largest clinical research organizations (CROs), providing the full range of Phase I to IV clinical development services to help life-saving treatments reach patients faster. Leveraging the breadth of our clinical, regulatory and therapeutic expertise, our team of more than 21,000 global professionals collaborates with biopharmaceutical leaders, emerging innovators and sites to design and deliver clinical trials with patients in mind, increasing access and participation to make clinical research a care option for anyone, anywhere. Our depth of industry knowledge and strong track record gained over the past 40 years is moving the industry forward and advancing clinical research in healthcare’s most complex areas, while our innovation ecosystem offers the best solutions to make every phase of the clinical trial process more efficient. With the people, insight and focus on operational excellence, we work With HeartTM every day to treat patients with dignity and continuously learn from their experiences, so every trial makes a difference. For more information, visit parexel.com. Community Guidelines Because Parexel’s social media channels are open to the general public and employees, we are not responsible for views expressed other than our own. However, we do not tolerate posts that are: • Abusive, harassing or threatening to others. • Defamatory, offensive, obscene, vulgar or depicting violence. • Hateful targeting by race/ethnicity, age, color, creed, religion, gender, sexual preference or orientation, nationality or political beliefs. • Sexually explicit or pornographic. • Fraudulent, deceptive, libelous, misleading or unlawful. • Referencing criminal or illegal activity. • Spamming. We reserve the right to remove any comments that do not adhere to our guidelines as well as report users who violate the rules of our page.

Company type: XLarge

Industry: Pharmaceuticals

Founded: 2018

Company size: 10001

Website LinkedIn See all jobs →

Job description

When our values align, there's no limit to what we can achieve.

At Parexel, we all share the same goal - to improve the world's health. From clinical trials to regulatory, consulting, and market access, every clinical development solution we provide is underpinned by something special - a deep conviction in what we do.

Each of us, no matter what we do at Parexel, contributes to the development of a therapy that ultimately will benefit a patient. We take our work personally, we do it with empathy and we're committed to making a difference.

The Specialist is responsible for developing, implementing, and maintaining the organization's information security governance framework. This role involves identifying and managing security risks, ensuring compliance with relevant regulations and standards. The Specialist will work closely with various departments to ensure that security policies and practices are effectively integrated into business operations.

Key Accountabilities:

Governance: Develop, implement, and maintain information security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
Risk Management: Identify, assess, and manage information security risks. Conduct regular risk assessments and develop mitigation strategies.
Compliance: Ensure adherence to relevant laws, regulations, and standards (e.g., GDPR, NIST, NIS, ISO 27001). Conduct assessments to verify compliance.
Reporting: Prepare and present regular reports on the status of information security to management and CISO.
Vendor Management: review of 3rd party vendors to ensure the security control compliance with the company’s requirements as part of the on-boarding qualification.
other function requirements: Participate in client and internal audits as a subject matter representing the department. Also participate in answering RFI and security questionnaires send by the clients which relates to infosec.

Skills:

Technical Proficiency: Strong understanding of information security principles, technologies, and best practices.
Communication: Excellent written and verbal communication skills. Ability to convey technical information to non-technical stakeholders.
Project Management: Experience in managing security projects and initiatives.
Problem-Solving: Strong problem-solving skills and the ability to think critically.
Attention to Detail: Meticulous attention to detail in documentation and analysis.

Knowledge and Experience:

Experience: At least 3-5 years of experience in information security, with a focus on governance, risk, and compliance.
Industry Knowledge: Familiarity with industry-specific regulations and standards.

Education:

Bachelor's Degree: In Information Security, Computer Science, Information Technology, or a related field.
Certifications: Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementor.