Job Description

Executive Director & CISO Location: Bridgewater, NJ — Additional: Malvern, PA; Philadelphia, PA Join to apply for the Executive Director & CISO role at Mallinckrodt Pharmaceuticals. The Chief Information Security Officer (CISO) is responsible for shaping and implementing our cybersecurity vision and strategy, managing the enterprise’s information security program, and ensuring the protection of information assets and associated technology. They collaborate with executive management to determine acceptable risk levels and implement security practices that meet agreed policies and standards. They drive digital transformation by enabling secure adoption of AI/ML, automation, and zero‑trust principles across the enterprise. The CISO communicates the impact of cybersecurity on the business to senior stakeholders and ensures that information systems are secure and compliant with legal, regulatory, and contractual obligations. The CISO presents regularly to the Executive Team & Board of Directors, translating complex security risks into actionable business insights. Key Responsibilities Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program. Work directly with business leaders and IT partners to facilitate risk assessment and risk management processes. Develop and enhance an information security management framework aligned with NIST, ISO, and industry best practices. Collaborate with cross‑functional teams to enhance the organization’s security profile and respond to new and emerging threats, balancing risk, business operations, and strategic goals. Lead the enterprise’s information security organization and build a high‑performing team. Partner with stakeholders to raise awareness of risk management concerns and embed security considerations in projects and services. Mentor and manage a motivated staff of security professionals, including hiring, training, development, and performance management. Strategic Leadership & Governance Define and execute the information security vision, strategy, and roadmap aligned with organizational priorities. Provide cybersecurity strategy, risk posture, and key metrics to the Board and executive committees, translating technical risks into business impact. Maintain relationships with industry peers, threat intelligence sources, and regulatory agencies to stay abreast of cyber events and emerging threats. Ensure consistent and high‑quality security management across the company. Develop and maintain a comprehensive metrics and reporting framework for board‑level visibility. Risk Management & Compliance Identify, assess, and prioritize information security risks. Implement effective risk management strategies and controls, including medical device security protocols and zero‑trust architecture. Develop, socialize, and coordinate approval and implementation of security policies. Monitor the external threat environment and advise stakeholders on appropriate actions. Collaborate with law enforcement and advisory bodies as needed to maintain a strong security posture. Technical Capabilities & Continuous Improvement Conduct routine security assessments, audits, and validation of controls. Set and track target milestones and performance metrics. Drive security automation and orchestration initiatives for incident response, vulnerability management, and compliance monitoring. Design, implement, and maintain a robust, scalable information security architecture. Ensure security measures are integrated into all IT infrastructure components. Incident Response & Vendor Management Manage and contain information security incidents, leading investigations and corrective actions. Maintain an incident response plan that addresses prompt response and efficient recovery. Evaluate and manage relationships with third‑party security vendors, ensuring adherence to security standards and contractual obligations. Qualifications 10+ years of experience in senior leadership roles in risk management, information security, or IT/OT security. Bachelor’s degree or advanced degree in Information Security, Business Administration, or a related field. Strong background in healthcare cybersecurity, especially medical device ecosystems. Experience in developing and executing a security roadmap for a large organization. In‑depth knowledge of information security principles and best practices. Strong understanding of data privacy laws, regulations, and standards. Professional security certifications preferred (CISSP, CISM, CISA, CRISC, etc.). Pharmaceutical industry experience highly desired. Knowledge & Skills Knowledge of NIST, ITIL, GDPR, ISO, FDA cybersecurity guidance, ISO 13485, IEC 81001‑5‑1. Expertise in threat detection, ransomware risks, and data privacy regulations. Proficiency with SIEM, IDS/IPS, firewalls, patch management, and cloud security controls. Excellent written and verbal communication skills, with ability to translate technical risk into business impact. Strong stakeholder management, project management, and analytical thinking. Experience in financial/budget management and influencing cross‑functional teams. Physical Requirements Occasional travel to sites. Compensation Base salary range: $280,000 – $360,000. Eligibility for a discretionary bonus. Disclaimer The statements above describe the general nature and level of work performed. They are not an exhaustive list of duties and may be modified at management’s discretion. #J-18808-Ljbffr Mallinckrodt Pharmaceuticals

Job Tags

Similar Jobs