Principal Architect - Cyber & Information Security

  1. Dublin
JR120151
  1. IT Management
  2. ICON Full Service & Corporate Support

About the role

This vacancy has now expired. Please see similar roles below...

Senior Manager, Cyber & Information Security - Ireland, Dublin Hybrid: Office/Remote

ICON plc is a world-leading healthcare intelligence and clinical research organization. We’re proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development.

We are currently seeking a Cybersecurity Manager to join our diverse and dynamic team. The Cybersecurity Manager will be responsible for overseeing the internal and third-party cyber risk management program at ICON. This is a crucial role in ICON’s security program and is expected to deliver key initiatives, provide guidance and expertise to team members and business stakeholders and contribute to shaping the Information Security program and budget.

What You Will Be Doing:
  • Maintain an internal and third-party cyber risk management framework, policies, and business practices to ensure that a consistent and standardized methodology is implemented.
  • Evaluate and define cyber risk appetite and risk tolerance throughout the organisation.
  • Liaise with cybersecurity stakeholders (i.e., Red Team, Threat & Vulnerability Management, Cyber Threat Intelligence, Security Architecture, Security Engineering, Cyber Assurance) and IT stakeholders (i.e., IT Risk Management, SecOps, Technical Owners, Service Portfolio Managers) to ensure systemic cyber risks are identified, assessed, responded to and monitored.
  • Ensure effective cyber risk assessments are performed and risk assessment results are communicated to Risk Owners and other stakeholders to elicit risk responses in a timely manner.
  • Actively participate in IT Risk Oversight Committee meetings, steer risk remediation activities, and escalate risks where appropriate.
  • Identify solutions to automate/enhance the effectiveness of cyber risk management lifecycle activities via IRM/GRC tools.
  • Maintain a cybersecurity controls library using reputable control frameworks and tailoring/supplementing controls, as necessary.
  • Ensure supplier security assessments are performed effectively and efficiently using a risk-based approach that drives the nature, timing, and extent of due diligence activities.
  • Oversee the execution of continuous monitoring activities for key suppliers, which includes the use of security reputation service providers.
  • Actively participate in the Supplier Risk Oversight Committee to communicate security concerns and initiatives that affect suppliers at ICON.
  • Implement approaches to identify and address shadow IT/vendor activities across the organisation.
  • Escalate supplier and nth-party cyber risks to ICON’s internal and external stakeholders.
  • Advise on scoping new supplier services based on the inherent cyber risk to ICON and consult with Procurement and other Assessment Teams (e.g., Data Privacy, Quality Assurance, Legal & Compliance).
  • Lead and facilitate cybersecurity incidents associated with suppliers or nth parties to ensure notable security incidents are appropriately addressed, and collaborate with ICON’s Cyber Resilience team and other departments (e.g., Data Privacy, Legal & Compliance) as necessary to comply with ICON’s contractual and regulatory obligations.
  • Advise on contracts with suppliers, as necessary, to address cyber third-party risks pertaining to ICON.
  • Lead a team of cybersecurity professionals and oversee operational execution of the risk management and supply chain security service functions.
  • Lead other initiatives and miscellaneous activities within the organisation (e.g., technical security assessments/audits, program maturity assessments, mergers and acquisitions due diligence, security architecture initiatives), as needed.
  • Occasional travel may be required.
Your Profile:
  • The successful candidate will gain experience of operating in a technically complex, fast-changing and dynamic environment. Working as part of a global security team, the Cybersecurity Senior Manager must be a proven self-starter and leader with excellent organisational and communication skills. The ideal candidate will have a genuine passion for Information Security and must be able to maintain composure under pressure and work calmly during an emergency. They should also have a solid understanding of the following areas:
  • ISO/IEC 27001 Standards
  • NIST Cybersecurity framework
  • ISO 27005 / ISO 31000
  • NIST SP 800-39
  • MITRE ATT&CK Framework
  • Information Security Standards
  • NIST Secure Software Development Framework
  • Strong understanding of Layered Security (defense-in-depth)
  • Proven Problem-solving Skills
  • Network, Cloud and Mobile Security experience is a plus
  • Security Architecture knowledge is a plus
  • At least 5-10 years in a security-related role
  • Bachelor’s degree in computer science, programming, or other related program
  • Significant experience with risk management methodologies, industry standards, managing an Information Security Management System (ISMS) and delivering key aspects of a security program in a regulated environment
  • Information security risk & governance experience
  • Solid vendor management experience across a variety of services
  • Experience with managing people and working directly with business and IT management positions (non-technical and technical)
  • Demonstrate a strong awareness of the current threat landscape
  • Nice to Haves: Certifications: Relevant certs e.g. (ISC)2 CISSP, ISACA CISM/CISA/CRISC, SANS GIAC, ISO27k LA/LI; Presented on security topics at security conferences; Familiar with the laws, regulations, industry standards and guidance pertaining to Data Protection and Information Security; Familiarity with pharma, biotech and/or CRO operations or health sector (e.g., H-ISAC experience a plus); IRM/GRC tool experience

What ICON can offer you:
Our success depends on the quality of our people. That’s why we’ve made it a priority to build a diverse culture that rewards high performance and nurtures talent.

In addition to your competitive salary, ICON offers a range of additional benefits. Our benefits are designed to be competitive within each country and are focused on well-being and work-life balance opportunities for you and your family.

Examples of our benefits include:

  • Various annual leave entitlements
  • A range of health insurance offerings to suit you and your family’s needs.
  • Competitive retirement planning offerings to maximize savings and plan with confidence for the years ahead.
  • Global Employee Assistance Programme, LifeWorks, offering 24-hour access to a global network of over 80,000 independent specialized professionals who are there to support you and your family’s well-being.
  • Life assurance
  • Flexible country-specific optional benefits, including childcare vouchers, bike purchase schemes, discounted gym memberships, subsidized travel passes, health assessments, among others.

Visit our careers site to read more about the benefits ICON offers.

ICON, including subsidiaries, is an equal opportunity and inclusive employer and is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know or submit a request here

Interested in the role, but unsure if you meet all of the requirements? We would encourage you to apply regardless – there’s every chance you’re exactly what we’re looking for here at ICON whether it is for this or other roles.

Are you a current ICON Employee? Please click here to apply
