Business Information Security Leader - Corporate Systems - Hybrid Bridgewater, NJ or Morrisville, NC
Syneos Health · Morrisville, NC · 1 mo ago
HybridInformation TechnologyFull-time
Job Responsibilities
- Serve as the senior security advisor to the assigned business-aligned STS leadership team.
- Partner across all departments and teams globally within the assigned business unit.
- Align security priorities with STS business strategy, digital roadmaps, and regulatory requirements.
- Embed security-by-design principles into portfolio planning, demand intake and product development processes.
- Inform Information Security priorities with STS product team strategy & goals.
- Represent security requirements in portfolio governance forums.
- Provide senior level accountability for the business unit security strategy, ensuring consistent direction, prioritization, and alignment with company wide objectives while maintaining strong partnership with the CISO.
Cyber Risk Ownership
- Maintain visibility into the aggregated cyber risk posture of the assigned business unit.
- Ensure risk assessments are conducted, partnering with the Risk Management function, for new and materially changed technologies.
- Serve as a security risk advisor to business-aligned STS leadership, provide mitigation and remediation guidance, track and highlight risk treatment plans progress.
- Provide formal risk posture reporting to STS leadership on a defined cadence.
- Escalate roadblocks inhibiting timely mitigation or closure of risks.
- Prevent unmanaged technology risk proliferation.
- Exercise senior decision authority for cybersecurity and technology risk matters within the Business Unit, including oversight of risk acceptance, escalation to enterprise forums, and long-term risk posture considerations.
Secure Solution Delivery Governance
- Participate in business demand and portfolio review processes to ensure early security engagement.
- Ensure projects receive appropriate security requirements and technical guidance.
- Drive early involvement of regulatory, privacy, and compliance subject matter experts.
- Monitor and drive adherence to enterprise security standards and architectural patterns.
- Deliver strategic solution design aligned to company-wide objectives.
Regulatory & Compliance Alignment
- Ensure business unit adherence to security policies, standards, and regulatory requirements (e.g., Privacy, SOX, GxP as applicable).
- Partner with Compliance, Privacy, Legal and other Risk functions to address control gaps.
- Partner with CISO subject matter experts to support security-related audits, regulatory inquiries, and remediation activities.
- Represent the business unit in enterprise security, risk, and compliance governance forums, providing senior-level input on regulatory risk and remediation priorities.
Investigations & Resilience
- Support security investigations and post-incident reviews, providing senior oversight and accountability for remediation outcomes and systemic improvements.
- Drive business engagement in continuity and disaster recovery planning.
- Ensure lessons learned are incorporated into control improvements and architecture patterns.
Security Culture & Business Enablement
- Promote a culture of secure behavior and accountability.
- Cascade and tailor security communications and awareness for maximum business unit impact.
- Translate complex security risks into business-relevant language.
- Provide periodic executive-ready reporting and risk insights.
- Influence decision-making through data-driven risk transparency.
- Provide strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders within the Business Unit, enabling consistent execution in a complex, matrixed environment.