Cognizant
Job Summary
We are seeking an Information Security and Compliance consultant with experience in providing security applications controls and assessments for pharmaceutical manufacturers located in Raritan, NJ. This resource will work within the Information Security and Risk Management department, joining the team responsible for security consulting initiatives of Supply Chain Advanced Therapies IT Platforms related application support. In this role, this resource will be responsible for security & controls throughout global projects related to Supply Chain applications including Car‑t Cloud‑based software controls, and continuous collaboration and follow‑ups with the business partners.
In This Role, You Will:
Responsible for advancing cybersecurity of Pharma systems, applications, and integrations across product lines and regions by identifying key risks and controls through security assessments
Orchestrate and deliver cybersecurity risk assessments of Supply Chain projects, applications, and the technologies that run them while maintaining awareness of the changing threat landscape
Understand and promote risk management activities associated with external regulations and internal policies such as IAPP, GxP, and GDPR
Bridge the gap between traditional Information Technology (IT) and business functions by relating cyber threats and vulnerabilities to business imperatives and communicating them to key business leaders
Actively advise, assess, and lead Business and IT stakeholders in the development of secure information systems and solutions in line with the organization’s cybersecurity architecture, IAPP policies, and regulatory requirements
Maintain connections across peer groups to continuously understand emerging security solutions that are ground‑breaking enablers for mitigating supply chain risk
Constantly strive to shape the administrative controls for cybersecurity through advisory and assurance services
Support compliance assessments on regulatory (e.g., GxP or SOX)
Make recommendations for application security including change, incident management, process enhancements, access management, and change management
Consult stakeholders about data classification and privacy, including data encryption and protection
Ensure appropriate controls are implemented for Car‑t applications and coordinate alignment with Internal Audit and IT Compliance
Provide metrics and reports on a weekly basis tracking the entire portfolio, application assessment status, and Risk Acceptance status
Perform security consulting to ensure that the Minimum Viable Security (MVS) is built into new supply chain Advanced Therapies systems
Perform security risk assessments of existing Advanced Therapies systems applications, providing security/risk‑related updates and meaningful metrics, and answering all questions related to security/risk‑related subjects
Provide security consulting and assurance for assigned platforms, including performing risk calculators, application security questionnaires/assessments, identifying security gaps and remediation actions
Perform incident trending to ensure security root causes are identified and remediated
Evaluate static & dynamic vulnerabilities to identify TLM/ALM & other security issues along with the appropriate remediation actions
Have large experience in SOX, IAPP, GxP, Privacy compliance requirements
Provide local oversight for interns, employees / contractors in the team
Support key Advanced Therapies projects by providing a central point for SC security questions or queries on project support and ensuring complete and accurate responses
Navigating between all ISRM SC pillars to obtain knowledge regarding security issues
What You Need to Have to be Considered
Bachelor’s degree in information technology, Computer Science, or a related field
Minimum 7 years of experience working with security and controls, consulting stakeholders throughout the application implementation process
Broad knowledge of information security processes and principles is useful in explaining the business value of cybersecurity
Experienced in identifying and articulating issues/obstacles regarding application security issues
Working knowledge of Web/Cloud‑based software
Familiarity with SOX compliance requirements
Self‑starter and proficient multitasker with excellent documentation, communication, and organizational skills
Preferred Knowledge, Skills and Abilities: Certified Information Systems Security Professional (CISSP), CISM, CISA, etc.
Salary and Other Compensation The hourly salary for this position is between $114,500 – $134,000 depending on experience and other qualifications of the successful candidate. This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits
401(k) plan and contributions
Long‑term/Short‑term Disability
Employee Stock Purchase Plan
About Us Cognizant is one of the world’s leading professional services companies, transforming clients’ business, operating, and technology models for the digital era. Our unique industry‑based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ‑100 and one of Forbes World’s Best Employers 2024) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at
www.cognizant.com .
Equal Employment Opportunity Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
Disclaimer Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
#J-18808-Ljbffr
In This Role, You Will:
Responsible for advancing cybersecurity of Pharma systems, applications, and integrations across product lines and regions by identifying key risks and controls through security assessments
Orchestrate and deliver cybersecurity risk assessments of Supply Chain projects, applications, and the technologies that run them while maintaining awareness of the changing threat landscape
Understand and promote risk management activities associated with external regulations and internal policies such as IAPP, GxP, and GDPR
Bridge the gap between traditional Information Technology (IT) and business functions by relating cyber threats and vulnerabilities to business imperatives and communicating them to key business leaders
Actively advise, assess, and lead Business and IT stakeholders in the development of secure information systems and solutions in line with the organization’s cybersecurity architecture, IAPP policies, and regulatory requirements
Maintain connections across peer groups to continuously understand emerging security solutions that are ground‑breaking enablers for mitigating supply chain risk
Constantly strive to shape the administrative controls for cybersecurity through advisory and assurance services
Support compliance assessments on regulatory (e.g., GxP or SOX)
Make recommendations for application security including change, incident management, process enhancements, access management, and change management
Consult stakeholders about data classification and privacy, including data encryption and protection
Ensure appropriate controls are implemented for Car‑t applications and coordinate alignment with Internal Audit and IT Compliance
Provide metrics and reports on a weekly basis tracking the entire portfolio, application assessment status, and Risk Acceptance status
Perform security consulting to ensure that the Minimum Viable Security (MVS) is built into new supply chain Advanced Therapies systems
Perform security risk assessments of existing Advanced Therapies systems applications, providing security/risk‑related updates and meaningful metrics, and answering all questions related to security/risk‑related subjects
Provide security consulting and assurance for assigned platforms, including performing risk calculators, application security questionnaires/assessments, identifying security gaps and remediation actions
Perform incident trending to ensure security root causes are identified and remediated
Evaluate static & dynamic vulnerabilities to identify TLM/ALM & other security issues along with the appropriate remediation actions
Have large experience in SOX, IAPP, GxP, Privacy compliance requirements
Provide local oversight for interns, employees / contractors in the team
Support key Advanced Therapies projects by providing a central point for SC security questions or queries on project support and ensuring complete and accurate responses
Navigating between all ISRM SC pillars to obtain knowledge regarding security issues
What You Need to Have to be Considered
Bachelor’s degree in information technology, Computer Science, or a related field
Minimum 7 years of experience working with security and controls, consulting stakeholders throughout the application implementation process
Broad knowledge of information security processes and principles is useful in explaining the business value of cybersecurity
Experienced in identifying and articulating issues/obstacles regarding application security issues
Working knowledge of Web/Cloud‑based software
Familiarity with SOX compliance requirements
Self‑starter and proficient multitasker with excellent documentation, communication, and organizational skills
Preferred Knowledge, Skills and Abilities: Certified Information Systems Security Professional (CISSP), CISM, CISA, etc.
Salary and Other Compensation The hourly salary for this position is between $114,500 – $134,000 depending on experience and other qualifications of the successful candidate. This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits
401(k) plan and contributions
Long‑term/Short‑term Disability
Employee Stock Purchase Plan
About Us Cognizant is one of the world’s leading professional services companies, transforming clients’ business, operating, and technology models for the digital era. Our unique industry‑based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ‑100 and one of Forbes World’s Best Employers 2024) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at
www.cognizant.com .
Equal Employment Opportunity Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.
Disclaimer Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.
#J-18808-Ljbffr