Sr Director, Head of Cyber Security – Evinova

AstraZeneca • Full-time • Mississauga, ON, CA • 1w ago

Are you ready to be part of the future of healthcare? Are you able to think big, be bold, and harness the power of digital and AI to tackle longstanding life sciences challenges? Then Evinova, a new health tech business part of the AstraZeneca Group might be for you!

Transform billions of patients’ lives through technology, data, and pioneering ways of working. You’re disruptive, decisive, and transformative. Someone who’s excited to use technology to improve patients’ health. We’re building a new health-tech business – Evinova, a fully-owned subsidiary of AstraZeneca Group.

Evinova delivers market-leading digital health solutions that are science-based, evidence-led, and human experience-driven. Thoughtful risks and quick decisions come together to accelerate innovation across the life sciences sector. Be part of a diverse team that pushes the boundaries of science by digitally empowering a deeper understanding of the patients we’re helping. Launch pioneering digital solutions that improve the patients’ experience and deliver better health outcomes. Together, we have the opportunity to combine deep scientific expertise with digital and artificial intelligence to serve the wider healthcare community and create new standards across the sector.

The Head of Cyber Security will be the senior-most accountable leader for Evinova’s cyber security program including policy-setting, operational oversight, routine audit, and incident management. The role will lead a team focused on maintaining company-wide information security to ensure that Evinova’s information assets are adequately protected in relation to confidentiality, integrity, and availability. Working directly for the Evinova Chief Technology Officer, the role is responsible for overseeing the internal information security needs of the company and providing leadership and internal collaboration to enable cyber risk management, policy development, regulatory compliance, data privacy, and IT security operations of Evinova’s digital product offerings.

This role presents an opportunity to join Evinova from the beginning, designing and implementing innovative cyber security practices that are designed by industry, for industry.

Develops and delivers a comprehensive information security strategy to optimize the security posture of the organization. This includes preventive and proactive measures such as cyber assessments, cyber incident response planning, security policies, procedures, and operating practices.
Provides oversight on the management and strategy of a technical security infrastructure for the defense, detection, and response to sophisticated cyber threats.
Works closely across all business functions to educate, evangelize, and maintain and improve compliance with all Evinova information security policy requirements.
Ensure complete isolation of Evinova’s sensitive customer information from our partner company through physical and logical isolation, policies, and procedures.
Conducts cyber risk assessments and makes recommendations to leadership on best practices and appropriate technology solutions for the organization and within digital product offerings.
Defines and implements the Evinova Cyber Security and Awareness education program and ensures appropriate training for all employees and contractors.
Maintains significant knowledge of Cyber threat vectors, attack methodologies, and mitigation/remediation methods. Share insights on emerging threats and collaborate on developing protective measures against potential vulnerabilities within Evinova’s applications and infrastructure.
Collaborates with product and platform engineering to identify, assess, and prioritize risks to applications and infrastructure, and develop risk mitigation strategies.
Guides engineering teams in selecting and implementing security tools and technologies that help in proactive threat detection and response within the application and infrastructure domains.
Works with engineering to identify, assess, and prioritize risks to applications and infrastructure, and develop risk mitigation strategies.
Partners with Quality and Compliance to ensure engineering security practices are up to date and appropriate oversight is applied, and fully documented in policies and procedures.
Develops and leads global cyber security workstreams across business operations, product development, and solutions delivery/implementation functions.
Develops an actionable plan linked to the security strategy that ensures the security of the organization and leads the routine execution of that plan including cyber security assessments and penetration tests as well as disaster recovery and business continuity simulations.
Runs a global vulnerability management program.
Is responsible for end-to-end incident response and disaster recovery situations to ensure business continuity, compliance, and data integrity.
Actively collaborates with Evinova and AstraZeneca Group leadership to align and share best practices for cyber security, business continuity, and other related policies and procedures.
Coaches team for high performance, creating a supportive working environment where everyone has the opportunity to fulfil their potential.

Minimum Qualifications:

10+ years of experience in information security positions, with 5+ years’ experience in a role overseeing an information security program.
Experience in implementing and operating ISO and NIST cyber security frameworks.
Demonstrable experience securing cloud-based custom-developed solutions.
Significant knowledge of cyber threat vectors and their attack methodologies is required.
Deep understanding of information security technologies, networking, and network architecture required.
Understanding of common/industry standard IT Security related solutions or tools
Experience in performing cyber forensics and reverse engineering.
Understanding and running a 24x7x365 global security operations center (SOC).
Proven ability to manage competing priorities and work under pressure.  
Current information security certification as a GIAC, CISSP, CISM, CISA, etc.
A global perspective on privacy, security, and data protection issues and trends.
Expert at reducing cyber risk in a large, global enterprise.
Experience working in other IT disciplines and across a range of industries and sectors
Experience in ensuring compliance within a highly regulated sophisticated business environment
Knowledge of and experience with industry good practices and standards such as ISO (multiple), GAMP GxP, ICH GCP, FDA 21 CFR, GDPR, CMMI, ITIL, GDPR

Desired Qualifications:

Master’s degree in computer science, business administration, or similar relevant area of study
Well-versed in data security standards and regulatory compliance, particularly in the healthcare and clinical research industry.
Direct customer experience using in-scope products
Demonstrate initiative, strong customer orientation, and cross-cultural working
Experience working with CxO level collaborators

Why Evinova (AstraZeneca)?

Evinova draws on AstraZeneca’s deep experience developing novel therapeutics, informed by insights from thousands of patients and clinical researchers. Together, we can accelerate the delivery of life-changing medicines, improve the design and delivery of clinical trials for better patient experiences and outcomes, and think more holistically about patient care before, during, and after treatment. We know that regulators, healthcare professionals, and care teams at clinical trial sites do not want a fragmented approach. They do not want a future where every pharmaceutical company provides its own, different digital solutions. They want solutions that work across the sector, simplify their workload, and benefit patients broadly. By bringing our solutions to the wider healthcare community, we can help build more unified approaches to how we all develop and deploy digital technologies, better serving our teams, physicians, and ultimately patients. Evinova represents a unique opportunity to deliver meaningful outcomes with digital and AI to serve the wider healthcare community and create new standards for the sector.  Join us on our journey of building a new kind of health-tech business to reset expectations of what a bio-pharmaceutical company can be. This means we’re opening new ways to work, pioneering cutting-edge methods, and bringing unexpected teams together. Interested? Come and join our journey.

So, what’s next!

Are you already imagining yourself joining our team? Good, because we can’t wait to hear from you.

Where can I find out more?

Our Social Media, Follow AstraZeneca on LinkedIn https://www.linkedin.com/company/1603/

Follow AstraZeneca on Facebook https://www.facebook.com/astrazenecacareers/

Follow AstraZeneca on Instagram https://www.instagram.com/astrazeneca_careers/?hl=en

Learn more about Evinova www.evinova.com