Sr Mgr IT Risk Management

Company: Regeneron Pharmaceuticals
Location: Troy
Posted on: May 7, 2022

Job Description:

We are currently looking to fill a Senior Manager IT Risk Management position. This role is responsible for IT Risk Management across the IOPS sites. This role will focus on Plant Resilience and ensure that appropriate processes and systems are in place to reduce the risk of IT issues impacting the Regeneron business and ensuring processes and procedures are in place to recover when issues do arise. This role will also ensure alignment to Corporate Information Security and IT Operations standards for Patch Management and Lifecycle Management.In this role, a typical day might include the following:

• Leads all or part of IT Risk Management across IOPS
• Ensures technology risk is defined, assessed, documented, reported and supervised across IOPS
• Reviews technology controls across IOPS to identify potential vulnerabilities and weaknesses
• Works across the IT Team to help identify technology risks and mitigation initiatives for existing technologies and systems
• Leads risk assessments for all new technology projects, applications and services, identifying risks and agreeing mitigation actions
• Works closely with Corporate Information Security, to ensure technology risk and controls are aligned with regulatory and compliance requirements across the company
• Ensures identified risks and mitigation actions are monitored and tracked
• Leads the verification/auditing of controls and risk/control indicators
• Drives the mitigation of key risks by identifying and recommending changes to policies and procedures
• Maintains awareness of emerging security risks and trends and raises awareness of risks where appropriate
• Leads the team and response as part of Regulatory and Internal audits related to Technology Risk and Information Security
• Ensures third party Security Risk Assessments are completed
• Ensures that appropriate processes, procedures and systems are in place to reduce the risk of business impact from IT issues.
• May audit core IT systems and processes like Backup and Restore to ensure are they are effective for IOPS systems to recover from issues.
• Works across IT to ensure security standard methodologies are identified and coordinated into all facets of projects including designs/configuration, and implementations
• Leads the documenting of standards, processes, and procedures for security incident response
• Leads the development, modification and implementation of Risk and Security standards, practices and policies for IOPS
• Responsible for oversight of Operating Systems Patch Management across IOPS IT GxP systems and workstations in alignment with Corporate standards.
• Responsible for oversight of Operating System Life Cycle Management across IOPS.
• Ensures that the IOPS sites are aligned with Corporate Information Security policies and standards, e.g. Anti-Virus, End-Point protection etc.
• Responsible for the oversight of the IT Disaster Recovery schedule and execution.
• Works with IT and IOPS Facilities to ensure Business Continuity Plans are in place and tested for IOPS Systems.
• Develops and leads budget and resource plans for the IT Risk area
• Works closely across IT in the management and development of the IT Risk area
• Manages, coaches and develops their team as per IOPS requirements
• Responsible for management of vendor relationships in the IT Risk area
• Communicates status updates to upper management and customers
• Handles administrative duties related to leading their team
• Ensures employee training requirements are met and on time
• Drives continuous improvement mentality within direct report team and identify areas within IT where they can demonstrate or share standard methodologiesThis role may be for you if you:
  • Consistent track record in technology risk identification and management
  • Knowledge and experience of the wider and emerging technology space, such as infrastructure, database, networks, mobile device management and cloud technologies
  • Experience of information risk governance and an understanding of risk analysis, management techniques and methodologies
  • Strong analytical skills with the capability to assess the information provided, and provide clear and appropriate direction
  • To be considered for this role you must hold: BS/BA in Information Technology or related field with 8 years Risk or Security experience or equivalent combination of education and experience.
  • Experience of a regulatory environment, information security standard methodologies (ISO 27001:2013, NIST Cyber Security framework etc.)Does this sound like you? Apply now to take your first steps toward living the Regeneron Way! We have an inclusive and diverse culture that provides amazing benefits including health and wellness programs, fitness centers and stock for employees at all levels!Regeneron is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion or belief (or lack thereof), sex, nationality, national or ethnic origin, civil status, age, citizenship status, membership of the Traveler community, sexual orientation, disability, genetic information, familial status, marital or registered civil partnership status, pregnancy or maternity status, gender identity, gender reassignment, military or veteran status, or any other protected characteristic in accordance with applicable laws and regulations. We will ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application process. Please contact us to discuss any accommodations you think you may need.

Keywords: Regeneron Pharmaceuticals, Troy , Sr Mgr IT Risk Management, Executive , Troy, New York