Senior Information Security Governance Expert

SENIOR INFORMATION SECURITY MANAGER

Role: Senior Information Security Manager, Permanent

Direct Report: EVP Global Head of Technology Services

Hours: Full time, 40 hours per week

**Salary**: Dependant on skills and experience, excellent benefits package plus annual bonuses.

Location: Remote role - can be based at any of the following locations: Germany - Hamburg, UK - Abingdon, France - Toulouse or Italy - Verona

EVOTEC (UK) is a Pharmaceutical company and leader in the discovery and development of novel small molecule drugs with operational sites in Europe and the US. The Company has built substantial drug discovery expertise and an industrialized platform that can drive new innovative small molecule compounds into the clinic. In addition, Evotec has built a deep internal knowledge base in the treatment of diseases related to neuroscience, pain, oncology, inflammation and metabolic diseases. Leveraging these skills and expertise, the Company intends to develop best-in-class differentiated therapeutics and deliver superior science-driven discovery alliances with other pharmaceutical and biotechnology companies.

Key Responsibilities:
- Ensuring that the agreed information security guidelines are communicated to the target groups and trained (together with HR),- Maintaining policies and regulations regarding information security,- Advising other department representatives on all information security issues,- Performing Information Security audits and risk assessments (in projects, within the audit plan)- Supporting customer security assessments and performing supplier security assessments,- Addressing specific topics within the ISO 27001 scope, e. g. Identity & Access Management, Asset Management as well as works in ISMS certification programs Evotec wide,- Initiating and controlling the implementation of information security measures,- Initiating and coordinating target group-oriented awareness and training measures on the topic of information security,- Taking the lead in analyzing and following up on information security incidents,- Advising IT on the (IT) security architecture and secure processes in IT operations.

Qualifications:
- Bachelor's or Master's degree in Business Administration, Information Technology, or a related field or an equivalent qualification,- Sound professional working experience in a large-scale Information Security Governance environment, including practical years of acting in global information security organisations and belonging teams, ideally in a high regulated field such as pharmaceuticals, biotech, or healthcare,- Profound technical knowledge of security technologies as well as of enterprise IT Security solutions,- Profound experience in Security monitoring / Security Operations Centre (SOC)- Thrives on change, showing an ability to develop the information’s security constantly forward,- Experience in leading projects in terms of design and assessment of information security structures and processes,- A proven track record in dealing with complex information security & change projects and meeting conflicting situations and crisis scenarios,- Ability to adapt to a fast-moving information security landscape and keep pace with latest concepts, new security challenges and cyber threats,- Excellent knowledge of security management systems and respective standards (ISO 27001, NIST, CIS, GMP),- Industry certifications such as PMP, ITIL, Agile,- Industry certifications such as ISO 27001 Lead Auditor, CISSP, CISM, SANS, GSEC etc. would be ideal,- Proficiency in verbal and written communication in English, German language skills would be an advantage.

Our offer:
- A position within a vigorous and exciting professional environment promoted by an open culture and a spirit of community- A diverse, international workforce with a dynamic working environment that fosters creativity, innovations and teamwork- 30 days of annual holiday, flexible working hours, and in-house canteen- Capital forming benefits, holiday allowance, annual bonus depending on performance, and monthly allowance for public transportation