Responsibilities:

• Responsible for the security architecture, monitoring, compliance, and defense of the corporate network and related IT infrastructure including all corporate applications, servers, and on-prem and cloud network infrastructure.
• Oversee managed security service providers (MSSP), Security Operations Center (SOC) contractors, and consultants responsible for Information Security Operations and Response.
• Identify and tailor information security requirements and provide guidance to project leads and business owners, as necessary.
• Serve as an Information Security expert across IT functional areas and implement an effective information security strategy aligned with business objectives.
• Implement technologies to ensure the availability, integrity, and confidentiality of all IT related systems.
• Oversee the design, implementation, and maintenance of security policies, procedures, and standards.
• Responsible for the coordination and remediation of assessments and audits of BlueRock's information security posture and compliance.
• Manage Information Security incidents during all phases of incident response.
• In partnership with IT Risk and Compliance, ensure BlueRock's IT Infrastructure and Applications are in a ready state of compliance in adherence to industry and regulatory requirements.
• Stay abreast of emerging threats and trends in information security and provide guidance to senior management on potential risks and mitigation strategies.
• Collaborate with cross-functional teams to integrate security best practices into all aspects of the organization's operations.
• Manage relationships with external vendors and partners to ensure compliance with security requirements and standards.
• Provide leadership and guidance to promote a culture of security awareness and compliance throughout the organization.
• Conduct regular security assessments and audits to identify vulnerabilities and risks.
• Develop incident response plans and lead investigations into security breaches or incidents.

Qualifications:

• BS/BA in computer science, engineering, or relevant field preferred with minimum 8 years of IT and or business leadership experience.
• Strong experience overseeing controlled computer system environments supporting corporate audit and or regulatory inspection readiness, data integrity controls.
• Strong understanding and or working experience in supporting Sarbanes-Oxley, Data Privacy (GDPR, CCPA), Cyber Security, and related control frameworks (NIST, ISO, etc.)
• Strong understanding of Biotech, Pharma industry and related business operations and technology solutions.
• Excellent organizational and leadership skills; Outstanding communication and interpersonal abilities with demonstrated problem-solving and troubleshooting skills.
• Understanding of technology products and vendor strategies
• Ability to work independently and exercise judgment with excellent attention to detail.
• Must be an agile/flexible collaborator with ability to influence with cross functional partners.
• Highly proficient in written and oral communication skills