Key skills
CloudCyber SecurityLeadershipRisk Management
About this role
Role Overview
- Define, execute, and mature Avantor’s global security governance, risk, and compliance strategy
- Develop and oversee programs ensuring adherence to regulatory requirements and alignment with security best practices
- Advise the CISO and senior leadership on enterprise risk posture and compliance obligations
- Manage the Company’s Information Security Management System (ISMS)
- Define and drive the enterprise application security strategy
- Lead the enterprise cyber risk management program including risk assessments and reporting
- Own information security components of compliance programs and readiness efforts
Requirements
- Bachelor's degree in Information Security, Cybersecurity, Computer Science, or related field (or equivalent experience)
- 10+ years of progressive experience in Information Security, with at least 5 years in GRC leadership roles
- Strong understanding of security frameworks: NIST CSF/800-53, ISO 27001, SOC 2, CIS Controls, COBIT
- Professional certifications: CISSP, CISM, CISA, CRISC, CGEIT, ISO 27001 Lead Implementer / Auditor, or similar
- Experience in life sciences, manufacturing, or highly regulated industries
- Familiarity with data privacy regulations (GDPR, CCPA) and cloud compliance programs
Tech Stack
- Cloud
- Cyber Security
Benefits
- medical, dental, and vision coverage
- wellness programs
- health savings and flexible spending accounts
- 401(k) plan with company match
- employee stock purchase program
- 11 paid holidays
- 18 PTO days annually
- eligible for volunteer time off
- 6 weeks of 100% paid parental leave