* The Senior Manager, IT Information Security Operations is a critical member of the IT Security leadership team and coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management. This is a leadership role that requires an individual with a strong technical background, as well as an ability to work with the IT organization and business management to align priorities and plans with key business objectives. This position will act as an empowered representative of the IT Security team during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans and that service expectations are clearly defined. This position will also be responsible for working with business and IT stakeholders to balance real-world risks with business drivers such as speed, agility, flexibility and performance. The role has oversight of the Identity & Access Management program and resources, Architecture & Engineering program and resources, and Security Operations Center program and resources.
* Work with the Director, IT Security to develop a global security program and security projects that address identified risks and business security requirements; responsible for developing budget projections based on short-term and long-term goals and objectives.
* Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements; manage production issues, coordinate and oversee cybersecurity incident response, and participate in problem and change management forums; serve as an active and consistent participant in the information security governance process; work with the Director IT Security, IT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
* Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, application and software; recommend and coordinate the implementation of technical controls to support and enforce defined security policies; research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing technical installed base and skills with future architectural requirements and consider the global impacts.
* Coordinate, measure and report on the technical aspects of the security management; manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements; manage and coordinate operation components of incident management, including detection, response and reporting; maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations; manage the day-to-day risk tolerances, recommend treatment plans and communicate information about residual risk; manage security projects and provide expert guidance on security matters for other IT projects; Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements; design, coordinate and oversea security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks
* Performs other functions as required or assigned.
* Complies with all company policies and standards.
* Bachelors Degree (BA/BS) Bachelor's degree in Computer Science, IT, Engineering or a related discipline - Required
* 8-10 years of hands-on experience within the information security field
* 8 years of management experience in an information security role managing Security Analysts.
* Proven experience with current IT security technologies
* Prior experience with information security framework such as ISO 27000 or NIST CSF
* Prior experience of working in Pharmaceutical or Biotech Industry
* Leadership skills - Advanced
* Documentation and presentation skills - Advanced
* Analytical and critical thinking - Advanced
* Ability to identify needs and take initiative - Advanced
* Demonstrated understanding of technological trends and developments in the areas of information security, risk management, web architectures and cloud computing
* CISSP, CISM, CEH or other relevant Security Certifications--Preferred
About Amneal Pharmaceuticals
Amneal Pharmaceuticals specializes in developing, manufacturing and distributing of generic products which include complex dosage forms in a broad range of therapeutic areas.