Regional Information Security Officer page is loaded
Regional Information Security OfficerApply locations Roma Italy (remote) Medolla, Modena
Time type Full time
Posted on Posted 30+ Days Ago
Job requisition id JR - 162769
Vantive is a vital organ therapy company on a mission to extend lives and expand possibilities for patients and care teams everywhere. For 70 years, our team has driven meaningful innovations in kidney care. As we build on our legacy, we are deepening our commitment to elevating the dialysis experience through digital solutions and advanced services, while looking beyond kidney care and investing in transforming vital organ therapies. Greater flexibility and efficiency in therapy administration for care teams, and longer, fuller lives for patients— that is what Vantive aspires to deliver.
We believe Vantive will not only build our leadership in the kidney care space, it will also offer meaningful work to those who join us. At Vantive, you will become part of a community of people who are focused, courageous and don’t settle for the mediocre. Each of us is driven to help improve patients’ lives worldwide. Join us in advancing our mission to extend lives and expand possibilities.
As a Sr. Manager, IT – Regional Information Security Officer (RISO), reporting to the CISO, you will ensure information security is an enabler for the business. You will operate with an understanding of the business strategy of the region and bridge the gap between security and regional interests.
You will be responsible for managing the information security program for the EMEA region and serving as the primary information security advisor and partner. This role involves collaborating with regional leadership and IT teams to identify security risks and implement security controls that enable regional objectives while complying with corporate policies and external regulations.
The ideal candidate must be pragmatic and practical in understanding Operational Technology and IT operations, and familiar with corporate cybersecurity objectives and industry standards. Passion for information security and risk management, a drive to foster a security-conscious culture, and relationship-building skills are essential.
Responsibilities:
* Develop and execute the annual information security plan for the region, including risk management, audits, awareness training, and control implementation.
* Partner with regional leadership to advise and drive decision-making on security to enable the region while mitigating cybersecurity risks.
* Understand regional goals, products, and objectives to lead and define a security initiatives roadmap.
* Embed security in the region by influencing and prioritizing initiatives with executive leaders.
* Communicate and innovate security practices with product engineering, manufacturing sites, and operations to maximize organizational benefits.
* Advise regional leaders on security matters, compliance, threat landscape, and data protection best practices.
* Conduct security risk assessments of infrastructure, applications, and processes to identify vulnerabilities.
* Partner with application teams to ensure security by design following architecture principles.
* Monitor controls and processes, identify gaps, and recommend remediation actions.
* Oversee security incidents, minimize impact, and incorporate lessons learned.
* Track security metrics to report on program effectiveness.
* Stay current on security trends, technologies, and regulations.
* Communicate regional needs to the InfoSec team to inform strategy and capabilities.
* Drive the adoption and improvement of InfoSec policies and controls across data center groups.
* Lead incident response and develop long-term risk mitigation strategies.
* Collaborate with cross-functional teams to embed security considerations into processes and projects.
* Guide the Regional Security Office to achieve regional goals securely and in alignment with policies.
* Support enterprise risk leadership in reviewing and communicating cyber risks to inform regional decisions.
Education, Knowledge, and Experience
* Bachelor’s degree in information security, Computer Science, or related field.
* 7+ years’ experience in an information security role.
* Expertise in data protection, compliance, access controls, network security, and risk management.
* Knowledge of healthcare, manufacturing, and data privacy regulations (European Security requirements, GDPR, HIPAA, CE+).
* Experience with risk management frameworks and security policies (ISO, NIST, COBIT, PCI, SOX).
* Security across multiple platforms and operating systems.
* Strong technical background with hands-on security tool implementation experience.
* Understanding of cyber threat strategies.
* Proficiency in Microsoft Office.
* Excellent communication skills, capable of presenting to senior leadership.
* Ability to multitask, prioritize, and manage time effectively.
* Strong organizational, problem-solving, and interpersonal skills.
* Motivated, independent, and capable of remote work.
* Experience in building relationships, influencing, and driving change.
* Industry certifications such as CISSP, CISM, CISA are preferred.
Reasonable Accommodation
Vantive is committed to providing reasonable accommodations for individuals with disabilities. If needed, please follow the provided link to request accommodations.
Recruitment Fraud Notice
Beware of employment scams involving fraudulent parties posing as Vantive representatives. Review our Fraud Notice to learn how to protect yourself.
About Us
At Vantive, your work will expand your skills and opportunities for growth. We are building on our nearly 70-year legacy in kidney care to provide best-in-class treatments. Join us to drive innovation and growth in a purpose-driven organization.
#J-18808-Ljbffr