Logo
Eisai

Director, Americas IT Security & Compliance Lead

Eisai, Nutley, New Jersey, us, 07110


Director, Americas IT Security & Compliance Lead

At Eisai, satisfying unmet medical needs and increasing the benefits healthcare provides to patients, their families, and caregivers is Eisai's human health care (hhc) mission. We're a growing pharmaceutical company that is breaking through in neurology and oncology, with a strong emphasis on research and development. Our history includes the development of many innovative medicines, notably the discovery of the world's most widely-used treatment for Alzheimer's disease. As we continue to expand, we are seeking highly-motivated individuals who want to work in a fast-paced environment and make a difference. If this is your profile, we want to hear from you. Job Summary: As the Americas IT Security and Compliance Director, you play a pivotal role in ensuring the organization's adherence to security, regulatory, and compliance standards. Collaborating with business and EIT stakeholders, you promote awareness of best practices and strengthen compliance with GDPR, HIPAA, CSL, and other relevant security and data privacy standards. Your responsibilities span security operations, risk assessment, investigations, and compliance issue resolution for the Americas business. You oversee business continuity, disaster recovery, and crisis management, while also educating end-users on compliance requirements. Additionally, you manage regulatory compliance activities, maintain accurate documentation, and evaluate new system impacts. Organizational management involves strategic alignment, coaching, and resource optimization. Essential Functions: Partnerships and Business Relationships: Promotes awareness of standards related to security, regulatory, clinical, commercial, and manufacturing processes to establish a culture of compliance regionally. Strengthens Eisai US's compliance with GDPR, HIPAA, CSL, and other relevant Security and Data Privacy standards through continual risk and security assessment. Collaborates with global stakeholders from EIT and leaders across regions in Compliance, Ethics, Risk Management, Legal, Data Privacy, and Information Protection. Security Responsibilities: Monitor and respond to incidents. Conduct annual tests and address vulnerabilities. Analyze threat data and lead hunting efforts. Deploy standards, conduct training, and track KPIs. Define critical processes and manage recovery testing. Regularly review adherence to standards. Oversee regional security vendors. Prioritize risk-based reduction efforts. General Compliance Activities: Maintain an inventory of regulatory, commercial, and organizational technology compliance requirements for the region. Facilitate creation and modification of regional IT compliance policies. Assess inherent and residual IT compliance risks using a risk assessment framework. Oversee documentation, implementation, and testing of IT compliance controls. Monitor IT compliance risks to an acceptable level. Manage IT compliance issue resolution. Report compliance risk levels to key stakeholders. Coordinate audit readiness and resolution. Align IT compliance budget with risk appetite and global strategy. Educate end-users on IT compliance requirements. Oversee business continuity, disaster recovery, and crisis management. Manage IT training programs and conduct Segregation of Duties reviews. Regulatory Compliance Activities: Collaborate with legal and compliance representatives to identify IT compliance requirements across relevant jurisdictions. Update IT compliance policies based on regulatory changes. Establish a regulatory change management process for modifying technological functions and compliance controls. Monitor and test IT compliance controls for effectiveness. Remediate control deficiencies and investigate potential unlawful actions. Oversee system data retention standards and verify system operations. Manage Eisai's information governance program, including JSOX compliance. Maintain accurate compliance documentation and advise control owners. Assess risk, evidence adequacy, and remediate findings. Evaluate new system impacts against compliance controls. Organizational Management Works with the Regional EIT Leadership Team on the service portfolio and governance required to prioritize resources, including budget. Collaborate with CIO Office to align strategy, initiatives and projects across the regional EIT organization. Provide daily coaching and mentoring to staff (direct reports and project teams). Manage direct reports including recruitment, supervision, scheduling, development, and performance management. Requirements Scope

Decisions for Eisai Americas IT Compliance and Security: investment planning, business outcomes, budgeting and systems related decisions. Directs priorities of internal staff and MSP resources. Governs all IT Compliance and Security for Eisai EIT regionally.

Qualifications and Education

College diploma or university degree in computer science, information science, management information systems, or business administration. Advanced Degree, such as MBA with technology as a core component, is preferred. Minimum of 15 years related work experience, including at least 5 years of enterprise-level governance and management. Certified Information System Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other similar credentials. Strong knowledge of GAMP practices, familiarity with ISPE practices, and application of GxP standards. Industry-related legal, compliance, information security, or business continuity management certification is advantageous. Prior audit/assurance experience is helpful.

Information Technology and Compliance Experience

Ten or more years of experience across multiple disciplines (e.g., architecture, development, analysis) in a multi-tier environment. Proven life science IT leadership in planning, developing, deploying, and supporting applications across various domains. Experience leading teams to design IT Security and Compliance processes and policies. First-hand knowledge of security compliance programs (SSAE 16, SOX, PCI, PII). Practical application of industry standards (NIST, ITIL, GxP, COBIT, ISO 27001, ISO 27002) in a corporate environment. Managing application/system changes in compliance with regulations (21 CFR Part 11, GxP). Understanding of e-discovery lifecycle, EDRM, and legal provisions. Advanced knowledge of information security practices, technologies, and vendors. Business analysis skills for vision/strategy development and process modeling. Familiarity with emerging technologies applicable to pharma and biotech. Problem-solving ability considering quality, cost, and speed. Broad understanding of IT technology platforms, products, and services.

Leadership and Teamwork

Strong track record of effective cross-functional and cross-cultural team collaboration and execution. Ready to think, behave and act in an innovative consulting manner to drive the organization's digital business strategies. Effective leadership skills including team building, consensus building, and achieving goals through others.

Communication, Organization and Problem-Solving Skills

Excellent interpersonal communication skills, ability to network, strong personal integrity, collaborative mindset, and a strong customer focus are necessary. Ability to organize, prioritize, and work effectively in a constantly changing environment. Demonstrated problem solving skills, including taking ownership to ensure timely resolution.

Information Technology Planning, Analysis, Design, Architecture and Management

The ability to work at all levels of the organization to develop a vision for platform roadmaps and maintain consensus around the strategic direction. Strong business analysis skill and experience, including development of business/IT vision and strategy, requirements definition, and process modeling. Familiarity with information management practices, system development life cycle management, IT services management, and agile methodologies.

#J-18808-Ljbffr