Business Information Security Leader; BISL - Commercial - Hybrid - Bridgewater, NJ or Morrisvi

Business Information Security Leader (BISL) - Commercial -- Hybrid - Bridgewater, NJ or Morrisville, NC

Updated: Yesterday

Location: Bridgewater, NJ, United States

Job : -OTHLOC-1144-2DH

Description

Syneos Health® is a leading fully-integrated life sciences services organization built to accelerate customer success. We partner with innovators at every point across the drug development and commercialization continuum, helping them navigate complexity, anticipate change and accelerate progress. Every day we perform better because of how we work together, as one team, each the best at what we do. We bring together talented experts across a broad spectrum of business critical corporate functions.

Every role plays an essential part in enabling our customers to achieve their goals. Our teams are agile, collaborative, and committed to delivering—for each other, for our customers, and ultimately for the people who rely on the services we support.

Why Syneos Health

• We are passionate about developing our people through career development, supportive and engaged line management, technical and therapeutic area training, peer recognition and total rewards program.
• We are committed to building an inclusive culture where you can authentically be yourself. Central to this is our purpose – Driven to Deliver – which captures the passion of our colleagues to show up each day and shape solutions that have the ability to dramatically impact someone’s life.
• We are continuously building the company we all want to work for and our customers want to work with. We bring together smart colleagues from across the world to shape the future of healthcare, driving impact for customers and defining the pace of patient progress.

Job Responsibilities

Syneos Health has three business units, Corporate, Clinical, and Commercial. Each of these units has a unique set of functions and requirements to operate smoothly and efficiently. The Business Information Security Leader (BISL) serves as the senior security executive embedded within an assigned business unit (Clinical, Commercial, or Corporate) accountable for information security across that sector. The BISL works across all departments and teams globally within its assigned business unit.

This role has responsibility for strategic solution design aligned to company-wide objectives, ensuring transparency of cyber risk posture, embedding security into business strategy and enabling secure product delivery.

In addition to the responsibilities below, the BISL will adapt to the ever-changing cybersecurity risk landscape to advise on risk mitigation and avoidance strategies for their assigned business unit.

• Serve as the senior security advisor to the assigned business-aligned STS leadership team.
• Partner across all departments and teams globally within the assigned business unit.
• Align security priorities with STS business strategy, digital roadmaps, and regulatory requirements.
• Embed security-by-design principles into portfolio planning, demand intake and product development processes.
• Inform Information Security priorities with STS product team strategy & goals.
• Represent security requirements in portfolio governance forums.
• Provide senior level accountability for the business unit security strategy, ensuring consistent direction, prioritization, and alignment with company-wide objectives while maintaining strong partnership with the CISO.

• Maintain visibility into the aggregated cyber risk posture of the assigned business unit.
• Ensure risk assessments are conducted, partnering with the Risk Management function, for new and materially changed technologies.
• Serve as a security risk advisor to business-aligned STS leadership, providing mitigation and remediation guidance, tracking and highlighting risk treatment plans progress.
• Provide formal risk posture reporting to STS leadership on a defined cadence.
• Escalate roadblocks inhibiting timely mitigation or closure of risks.
• Prevent unmanaged technology risk proliferation.
• Exercise senior decision authority for cybersecurity and technology risk matters within the Business Unit, including oversight of risk…