Regional Third Party Risk Management Lead (IT Security)

Role Profile

·         Bachelor’s degree / MBA or advanced degree preferred.

·         8 years of proven experience in information security and/or third-party risk management / Geographic Scope Regional.

·         Pharmaceutical industry experience is strongly preferred.

·         Demonstrated experience understanding of security principles, IT security controls, and related technologies and products.

·         Experience effectively operating in and navigating a global organization with teams located across geographies.

·         Experience in evaluating third-parties for the presence of fundamental information security and data privacy controls.

·         Experience conducting risk assessments and applying concepts of inherent and residual risk in order to draw appropriate conclusions and articulate the same to non-technical audiences.

·         Ability to effectively negotiate appropriate remediation of security gaps with third party representatives to ensure protection of Takeda information.

·         CISSP or CISM certification (Desired).

·         English language strong skills.

·         Ability to travel periodically, domestically and internationally, to anywhere Takeda has significant operations.

Accountabilities

·         Maintain and mature the third-party risk management process framework for security and privacy risk, including necessary standards, procedures, and technologies

·         Execute the full lifecycle of information security and data privacy third-party risk assessments as needed, either individually or through available resources.

·         Provide clarifying support, where necessary, to internal third-party relationship owners or third-party representatives in their efforts to provide responses to the security and privacy risk assessment questionnaire.

·         Coordinate with Legal and Procurement representatives to ensure proper security and privacy clauses are included in third-party contracts

·         Effectively translate third-party responses to assessment questionnaire, using sound judgement, into concise risk exposure reporting for delivery to internal stakeholders.

·         Collaborate with internal third-party relationship owners and third-party representatives to recommend necessary security and privacy controls to effectively mitigate risks to Takeda

·         Ensure robust tracking and remediation of third-party security and privacy risk exposures identified through assessment processes

·         Evangelize third-party risk management processes across business lines to help influence a strong culture of proactive awareness for third-party risks

·         Provide any necessary training and awareness related to the third-party security and privacy risk assessment process

·         Contribute to the gathering and distribution of periodic program metrics and/or dashboards

·         Provide insights on other security risk management matters, as necessary, in collaboration with the broader Information Risk Management team.

Abilities

·         Strong verbal & written communication Spanish & English.

·         Leadership / Able to delegate and foster the development of high-performance teams to lead/support an environment driven by customer service and team work.

·         Decision-making and Autonomy

·         Innovation                                                                 We offer direct hiring & superior benefits