Define, execute, and mature Avantor’s global security governance, risk, and compliance strategy
Develop and oversee programs ensuring adherence to regulatory requirements and alignment with security best practices
Advise the CISO and senior leadership on enterprise risk posture and compliance obligations
Manage the Company’s Information Security Management System (ISMS)
Define and drive the enterprise application security strategy
Lead the enterprise cyber risk management program including risk assessments and reporting
Own information security components of compliance programs and readiness efforts

Requirements

Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field (or equivalent experience)
10+ years of progressive experience in Information Security, with at least 5 years in GRC leadership roles
Strong understanding of security frameworks: NIST CSF/800-53, ISO 27001, SOC 2, CIS Controls, COBIT
Professional certifications: CISSP, CISM, CISA, CRISC, CGEIT, ISO 27001 Lead Implementer / Auditor, or similar
Experience in life sciences, manufacturing, or highly regulated industries
Familiarity with data privacy regulations (GDPR, CCPA) and cloud compliance programs

Benefits

medical, dental, and vision coverage
wellness programs
health savings and flexible spending accounts
401(k) plan with company match
employee stock purchase program
11 paid holidays
18 PTO days annually
eligible for volunteer time off
6 weeks of 100% paid parental leave

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Information Security Management System (ISMS)enterprise application securitycyber risk managementrisk assessmentssecurity frameworksNIST CSFISO 27001SOC 2CIS ControlsCOBIT

Soft Skills

leadershipadvisorycommunicationstrategic planningrisk management

Certifications

CISSPCISMCISACRISCCGEITISO 27001 Lead ImplementerISO 27001 Auditor