Director Information Technology Security

55214 - Senior Director IT Security

The opportunity:

In today’s rapidly evolving landscape, real-time posture management is more critical than ever. Threats are constantly exposed, and Zero Day vulnerabilities are exploited swiftly by malicious actors. Our window of reaction time has become increasingly limited. Traditional audit tools no longer suffice in addressing the current risk environment. As a result, our Technical/Tactical Governance, Risk, and Compliance (TGRC) team has transformed into a more technologically adept and tactically agile force. With Teva’s global presence across 60 countries and our modern cloud-based applications, our Tactical GRC (TGRC) team leverages advanced platforms to fortify our cyber security posture. We are actively seeking a seasoned Senior Manager to lead this team, ensuring the security of Teva’s assets worldwide

How you’ll spend your day:

• Ensure cloud environment compliance over time using CSPM platforms.
• Integrated cloud tools with existing OT and R&D environments.
• Manage Teva cybersecurity attack surface and act to reduce risks.
• Manage all Teva cybersecurity policies and procedures.
• Responsibility of findings mitigation.
• Implement and operate cybersecurity posture tools.
• Collaborate with other security, operation, and IT cloud teams.
• Manage Zero Days outbreaks.
• Engage with business units to understand their cloud security needs and ensure compliance with Teva policy.
• Stay up to date on industry best practice and continuously monitor the evolving cloud security landscape and emerging threats.
• Provide regular status updates about cloud security and posture.
• Lead the governance, compliance, and posture of the cloud environments.
• Develop of cloud knowledge and the cloud team roadmap.
• Strategize TGRC tools such as BAS, VS, VA, ASM etc.
• Play key supporting role in various security Governance, Risk, Privacy and Compliance initiatives (policies & standards development, ISO27001,GDPR etc.).

Your experience and qualifications:

Education:

• Bachelor's degree in information systems, Computer Science, or related field can be advantage.
• Relevant Cyber Security certifications

Experience:

• Minimum 5 years of overall experience in Cyber Security, IT, Risk Assessments, cyber risk evaluation / risk management in a large corporate enterprise
• Strong understanding of Information Security principles and application, Cloud solutions, common security elements/controls, and cyber assessment techniques
• Professional knowledge of Cyber Risk Management, defense-in-depth principles, and awareness of compliance legislation, industry frameworks and best practices: NIST, SANS Security Model, etc.
• At least one certification such as CISSP, CISM, CISA, CRISC, CIPP, CISO or equivalent
• Demonstrated experience applying security and risk frameworks, such as NIST CSF/800-53/800-171 etc.
• Experience in developing security policies and standards, risk assessments, third party risk programs, risk management, risk registries, regulatory compliance, security metrics.
• Must possess the ability to develop presentations and deliver them to senior management.

Preferred Qualifications:

• Ability to communicate and work effectively with others, harness different skills and experience
• Experience in Cyber Defense, Vulnerability management, Security Architecture, Cloud security, OT environment
• Technical ability to manage and use advance cyber solutions (such as BAS / ASM)
• Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude.
• Knowledge of current threats and regulatory best practices in the cybersecurity and OT security
• Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment.
• Ability to adjust quickly to shifting priorities, and decision-making skills with limited information.
• Strong understanding of project management methodology
• Ability to set and manage expectations with key stakeholders and team members.
• Outstanding communication skills, including the ability to write and verbally articulate industry terminology to interact at a technical level, management level and senior executive level.
• Strategic thinking and the ability to plan and then convert it into action