Head of Global Cybersecurity

With over 120 years of experience and more than 17,000 employees in over 20 countries, Daiichi Sankyo is dedicated to discovering, developing, and delivering new standards of care that enrich the quality of life around the world. In Europe, we focus on two areas: The goal of our Specialty Business is to protect people from cardiovascular disease, the leading cause of death in Europe, and help patients who suffer from it to enjoy every precious moment of life. In Oncology, we strive to become a global pharma innovator with competitive advantage, creating novel therapies for people with cancer. Our European headquarters are in Munich, Germany, and we have affiliates in 13 European countries and Canada.

As part of our global DX (Digital Transformation) organization, we are currently recruiting for a newly established role as

Head of Global Cybersecurity (f/m/x)

The Position:

As a member of the Daiichi Sankyo DX leadership team (DXLT) you will set and lead the Cybersecurity strategy and culture to support the achievement of our corporate strategy.

Global DX strives to be the business and DX accelerator by providing strategic guidance for the business through holistic enterprise architecture and innovative leadership with further strengthening of business relationship management. The DX organization strives for standardized and integrated data that is available globally when needed with enhanced efficiency and stakeholder experience due to standard processed, systems and applications. It also provides enhanced expertise to technology solutions and management of projects.

The role is based in Europe and will be reporting into Chief Information Officer and Global Head, Digital Transformation Unit.

• Oversee and provide strategic direction to the Cybersecurity function globally.
• Lead the strategic direction and operational coherence of cybersecurity in Daiichi Sankyo Group supervising two distinct functions, Cybersecurity policies & strategy and Cybersecurity architecture.
• Formulate a comprehensive cybersecurity strategy managing security policies, standards, and practices with regulatory requirements and corporate objectives, fostering a culture that enhances awareness of security.
• Stimulate risk management.
• Responsible for managing the operation of global-level cybersecurity services, including Managed Security Services, Security Operations Center (SOC), and Computer Security Incident Response Team (CSIRT). This includes planning and executing of security assessments such as penetration test for the global IT platform.
• Act as close business partner to CDXO and the heads of other functions in Global DX on Cybersecurity related matters.

Roles & Responsibilities:

• Cybersecurity policies & strategy
  • Responsible for developing the cybersecurity strategy by establishing baselines defining target states, and crafting roadmaps to meet company requirements.
  • Monitors regulatory risk landscapes to iteratively update policies such as data protection, access controls, and incident response in alignment with strategic objectives and legal mandates.
  • Establish a singular governance framework and standards, prescribing cybersecurity requirements, identifying asset/system criticality, and delineating lines of accountability.
  • Involve formulating processes and guidelines for comprehensive cyber risk governance, and developing guidance for the cyberspace workforce in terms of resourcing, staffing.
  • Educate employees across the organization to enhance awareness regarding cybersecurity matters.
• Cybersecurity architecture
  • Entail developing security requirements to guide architecture, enhancing business resilience, and reducing vulnerabilities. It involves monitoring security compliance, ensuring stakeholder needs align with enterprise architecture for mission protection.
  • Identify cyber threats via threat modeling, risk assessments, and promoting best practices and advanced technologies for technical security.
  • Foster a security-centric culture in architectural decisions across the organization is crucial.
  • Encompass operating global-level cybersecurity services, including Managed Security Service, SOC, CSIRT, and planning/executing security assessments like penetration tests for the global IT platform in close collaboration with global and regional Infrastructure team responsible for day-to-day security operation.
• Cybersecurity operations
  • Lead as the Chief Information Security Officer (CISO) at Daiichi Sankyo our Global Security Network Operations Center (NOC) team to protect our organization's critical information assets.
  • Responsible for developing and implementing security strategies, managing risk, and ensuring regulatory compliance across all regions.
  • Oversee incident response and leverage advanced technologies to maintain a robust cybersecurity posture.
  • Guide and support a diverse team of cybersecurity professionals within the Global Security NOC. You will provide the necessary resources and direction to ensure effective monitoring and response to security threats.
  • Drive initiatives to enhance our security framework and safeguard our digital assets globally, ensuring the continued trust and reliability of Daiichi Sankyo's operations.
  • Shape and lead the Cybersecurity to ensure a culture that lives our global values and behaviors.
  • Establish and ensure operational excellence through the effective deployment of structures, processes, systems and capabilities that best support DS Group global growth.
  • Allocate and manage financial and human resources in Cybersecurity.
  • Responsible for providing Cybersecurity perspectives and aligning with Senior leadership, other unit heads and external stakeholders on matters that have a significant impact on function strategy, operations, and performance.
  • Lead Cybersecurity members, supporting them in achieving their goals, creating a positive work environment, encouraging motivation and performance, developing their skills and managing conflict.
  • Lead all activities to ensure the organization management including compliance, EHS, talent development, culture cultivation in Cybersecurity.

• Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, Master Degree preferred in CyberSecurity.
• Minimum of 10-15 years of experience in information security, including a minimum of 5 years in a senior leadership role.
• Extensive experience in cybersecurity areas such as security architecture, incident response, risk management, and policy development.
• Technical Expertise of cybersecurity technologies, including cloud security, network security, encryption, IAM, and emerging tech, along with proficiency in security analytics and AI.
• Knowledge and capability to stay current with the evolving threat landscape, regulatory changes, zero trust architecture, cybersecurity frameworks, and security automation trends.
• Certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor).
• Model Core Values and Core Behaviors at the highest standards.
• Effectively align individuals and key stakeholders with differing viewpoints to organizational goals and decisions.
• Place a high priority on developing others, through coaching, feedback, exposure and stretch assignments.
• Show a problem solving mindset with strong interpersonal and intercultural skillset.
• Have a high adaptability and learning agility.
• Strong communication skills are essential for coordinating with internal teams and external stakeholders.

• Excellent Benefits
• Work-Life-Balance
• Growth and Development
• Health and Wellbeing Support

CRWL1_DE