Senior Director, Information Security
Senior Director of Information Security
Our Purpose
P\S\L Group is a global organisation dedicated to putting information at the service of medicine. The companies and people of the P\S\L Group aim to improve medical care by serving those who need it, those who provide it and those who seek to improve it.
Our primary purpose is to help clients increase the effectiveness of activities pertaining to scientific communication, medical education and product/service marketing. To this end, we want our information services to contribute to the goals we share with our clients, namely: to accelerate the advancement of medicine and help people enjoy better, longer lives.
Objective
We're seeking a seasoned Sr Director of Information Security to lead our comprehensive Enterprise security strategy. You'll identify security gaps, develop long-term roadmaps, and communicate effectively at Board and C-level. Your expertise in risk management, compliance, and incident response will be critical in managing security risks, ensuring regulatory compliance, and developing proactive strategies to mitigate emerging threats, especially those related to AI. Oversee business continuity and disaster recovery planning to ensure operational resilience. Additionally, you will be responsible for building and leading a high-performing security team that fosters a culture of security awareness and continuous improvement.
What you will do
- Security Leadership: Spearhead the development and execution of a comprehensive security strategy that encompasses application security, infrastructure, data, and asset protection across the organization. Drive the implementation of robust security policies, procedures, and advanced technologies to proactively mitigate risks and enhance the organization's security posture. Foster a culture of security awareness and collaborate with cross-functional teams to ensure alignment with business objectives.
- Risk Management & Roadmap Development: Identify security gaps across the company. Create and implement a comprehensive roadmap to address vulnerabilities, focusing on both proactive and reactive strategies.
- Board & Executive Communication: Regularly communicate the state of security to Board and C-level executives, translating technical security concerns into business risks and actionable insights.
- Regulatory Compliance: Ensure compliance with relevant regulations, including GDPR, ISO27001, and SOC2. Lead security audits, implement governance frameworks, and ensure the organization’s operations align with regulatory standards.
- AI Risk Navigation: Assess and manage security risks associated with AI technologies. Identify opportunities to securely leverage these technologies while mitigating potential risks.
- Incident Response & Governance: Oversee incident response protocols and governance frameworks, ensuring swift and effective responses to security breaches. Implement and refine processes for continuous improvement in threat detection and response.
- Business Continuity & Disaster Recovery: Develop and maintain a business continuity and disaster recovery plan to ensure operational resilience in the event of a security breach, system failure, or other emergencies. Coordinate with relevant teams to ensure that continuity plans are well-tested and executable.
- Team Leadership: Lead and manage the security team of 5, ensuring they are equipped to handle current and emerging security challenges. Foster a culture of security awareness and continuous learning across the organization.
- Internal Security Audit: Conduct a comprehensive internal audit of our security practices to identify gaps and vulnerabilities. Develop a detailed roadmap to address identified areas of improvement.
- Day-to-Day Security Operations: Oversee the day-to-day activities of the security team, ensuring the effective implementation of security controls and procedures.
- Cross-Functional Collaboration: Collaborate with various teams across the organization to ensure that security measures are integrated into business processes and systems.
Who you are
- 10+ years of experience in information security, with 5+ years in a senior leadership role.
- Proven expertise in identifying and mitigating security risks across applications, infrastructure, data, and assets.
- Strong Board & C-level communication skills, with the ability to translate complex technical challenges into business context.
- Deep knowledge of GDPR, ISO27001, SOC2, and other relevant regulations, including leading security audits and implementing compliance frameworks.
- Experience developing security roadmaps to identify and address security gaps.
Preferred Qualifications
- Certifications: CISSP, CISM, or other relevant security certifications.
- Experience with AI security risks and opportunities.
- Expertise in managing security within cloud-based infrastructures such as AWS, GCP, and Azure.
- Strong business acumen, with the ability to balance security requirements with business needs.
Apply for this job
*
indicates a required field