What are the responsibilities and job description for the Manager, GRC, Awareness & Application Security position at MissionStaff?
We connect top talent in Business Services, Tech, Marketing & Creative with companies of all sizes—offering flexible, high-touch staffing solutions. We are currently filling the following direct-hire job for our client.
Job Title: Manager, GRC, Awareness & Application Security
Overview:
Join a dynamic global pharmaceutical company as a Manager, GRC, Awareness & Application Security, where you'll play a pivotal role in shaping the security landscape across North America. Reporting to the Director of Cybersecurity, this newly created position offers an exciting opportunity to lead a comprehensive risk management and security awareness program within a highly regulated industry. Your expertise will help embed security best practices into daily business and development activities, foster a security-aware culture, and ensure compliance with critical frameworks such as NIST CSF, ISO 27001, and GxP. If you're passionate about cybersecurity, have a strategic mindset, and thrive in a fast-paced environment, this role is your chance to make a meaningful impact.
Required Skills:
- Strong proficiency in GRC frameworks (NIST CSF, ISO 27001, CIS Controls) and enterprise GRC platforms
- Extensive experience in security awareness, application security, and risk management within regulated industries (pharma, biotech, healthcare)
- Knowledge of secure SDLC, DevSecOps, SAST, DAST, and SCA tools
- Ability to develop and implement security policies, standards, and data-driven awareness programs
- Effective communication skills with the ability to translate technical risks into business insights
- Experience managing third-party/vendor risk assessments and remediation processes
- Familiarity with compliance requirements such as HIPAA, GxP, 21 CFR Part 11
- Certifications such as CISSP, CRISC, CISM, CSSLP, or similar
- Experience with cloud security platforms (AWS, Azure, GCP) and Zero Trust architecture
- Prior experience managing global security programs and collaborating across regions
- Bachelor’s degree in Information Security, Computer Science, Business, or related field (Master’s preferred)
- At least 7 years of progressive cybersecurity experience, with a focus on GRC and application security in regulated environments
- Proven track record of managing enterprise-wide risk or awareness programs with measurable outcomes
- Willingness to travel approximately 10% to Japan for onsite collaboration
- Hybrid work model requiring 2 days per week in Princeton, NJ, with flexible scheduling (most employees go Tuesday and Thursday)
- Ability to start before or shortly after Thanksgiving; the first hire may join as early as late 2023 or early 2024