Senior Security Architect
Location: Oeiras, Portugal
Job Overview:
The Security Architect role presents a dynamic opportunity to ensure the secure operation of the IQVIA Global Technology & Operations (GTO) cloud-based and acquired/merged infrastructure and processes through developing and implementing new Cybersecurity safeguards, amending and improving existing safeguards, as well as contributing to implementation of necessary security measures and controls within projects across the enterprise. This role is part of the GTO M&A team with focusses on Information Security. The position will provide an excellent opportunity to liaise with key external and internal stakeholders while strengthening our Information Security function. You will also find yourself working together with other IQVIA Information Security managers and staff, and with Business Unit teams. This is an opportunity to join and progress with a forward-thinking department.
Principal responsibilities will include:
- Work with IQVIA integration teams to secure M&A environments in alignment with IQVIA process, policies and standards.
- Work to implement core controls around critical platforms such as the email systems, backup critical servers, network perimeter, reputational security, MFA, EDR, and DLP.
- Develop information security processes and projects aimed at securing M&A environments through integration into IQVIA enterprise-level cybersecurity solution or via applying dedicated cybersecurity solutions to M&A environment as necessary
- Support a security program focusing on acquisition environments, including both new technological and organizational capabilities across the enterprise
- Ensure delivery of security architecture frameworks, design templates, standards, reference architectures and guidance materials in alignment with the IQVIA Integrated Information Security Framework (IISF) in application to cloud and M&A environments
- Engage with third-party specialist service providers and vendors where necessary to support program deliverables, including carrying out vendor and product selections and organizing necessary operational support
- Work with a team to develop the improvement of the landscape of technical security safeguards, including assessment and deployment of new capabilities, technologies, and systems as it relates to the M&A environments
- Develop secure architecture strategies for IQVIA with respect to technology domain standards and design goals
- Research and identify emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase security posture
- Evaluate information security components and conduct feasibility studies for selecting appropriate and cost-effective solutions
- Assess risks for each security control included in the security integration process and work with Risk Management teams & IT Project Manager to update risk register, current controls and risk treatment plan
- Support the effort for the delivery of M&A projects by providing necessary cybersecurity subject-matter expertise and contribution to both secure solution designs and configurations
Experience and Qualifications:
- 3 to 5 years of professional experience in Information Security, IT Delivery, IT Program Management or other related areas
- Experience with securing emails, servers, workstations
- Experience conducting security assessments to identify gaps in security architecture and controls.
- Experience with cloud security and cloud security platforms such as CASB, SASE, CSPM, CWPP, SaaS security, CSP (Azure and AWS) IaaS/PaaS security.
- Bachelor's degree in Business Administration, Computer Sciences or equivalent work experience in related areas is preferred
- A CISSP, CISM, CCSP or equivalent professional certificate
- Working knowledge of IT governance frameworks and standards such as CobiT, ITIL, ISO27001, NIST cybersecurity framework
- Working knowledge of IT architecture frameworks such as TOGAF and/or project management methodologies
- Working knowledge of regulatory and legal requirements frameworks related to information security for healthcare data, such as HIPAA, EU Data Protection Directive and/or equivalent regional frameworks is preferred
- Experience in information technology related positions with working knowledge of IT infrastructure, networks design, databases, processing systems, web applications, mobile technology, cloud, big data, virtualization, protocols and technologies supporting encryption, authentication, access control, information systems attack patterns, intrusion detection, and network security
IQVIA is a leading global provider of clinical research services, commercial insights and healthcare intelligence to the life sciences and healthcare industries. We create intelligent connections to accelerate the development and commercialization of innovative medical treatments to help improve patient outcomes and population health worldwide. Learn more at https://jobs.iqvia.com
At IQVIA, we believe that diversity, inclusion, and belonging empower our mission to accelerate innovation for a healthier world. We create a culture of belonging by valuing the perspectives of all talented employees worldwide and providing them with the opportunity to power smarter healthcare for everyone, everywhere. When our talented employees bring their authentic selves and their diverse experiences to work, they enable us to accomplish extraordinary things. Multifaceted thought processes spark innovation. Multi-talented collaboration harnesses innovation to deliver superior outcomes.