Head of Operations Technology-Cybersecurity, Healthcare

Posté 21 juil. 2021

Billerica, Massachusetts - United States

Demander un identifiant 224212



A career with EMD Serono is an ongoing journey of discovery: our 58,000 people are shaping how the world lives, works and plays through next generation advancements in Healthcare, Life Science and Electronics. For more than 350 years and across the world we have passionately pursued our curiosity to find novel and vibrant ways of enhancing the lives of others. EMD Serono is a business of Merck KGaA, Darmstadt, Germany.


United As One for Patients, our purpose in Healthcare is to help create, improve and prolong lives. We develop medicines, intelligent devices and innovative technologies in therapeutic areas such as Oncology, Neurology and Fertility. Our teams work together across 6 continents with passion and relentless curiosity in order to help patients at every stage of life. Joining our Healthcare team is becoming part of a diverse, inclusive and flexible working culture, presenting great opportunities for personal development and career advancement across the globe.

Your role: 
The Head of OT-Cybersecurity is responsible to drive, coordinate and govern all business related Operations Technology (OT) security activities for our Healthcare Business, in order to enable secure and compliant data, software systems, networks, server rooms and data centers.


You will drive delivery of security solutions, to enable organization structures and people to manage OT security by applying cybersecurity controls to prevent, manage, monitor, analyze and predict / address risks for attacks and intrusions. They should conduct counteractive protocols and report incidents, along with examining and evaluating security strategies and defenses. You also create new defensive systems and protocols in close partnership with the business functions, OT Automation teams in Engineering, Healthcare IT and Group Cybersecurity. Within this responsibility, the role reports to the Global Head of Digital and Data, Healthcare (HDD). You will represent HDD, in a matrix organization, in definition of the corporate-wide OT security strategies, policies, and tools. The position has strong connection to IT Functions but even more to the teams managing OT assets.  The Head of OT-Cybersecurity is fundamental within the overall IT/OT ecosystem acting as a connection bridge between functions providing overall OT security governance, education, and IT infrastructure solutions.


Key responsibilities:

  • Drive implementation of the OT security risk management process within the company
  • Align with relevant stakeholders and corporate security on the risk level and exposure
  • Develop a holistic plan for OT security for the Healthcare Business and drive its implementation considering the effort at agreed risk
  • Define OT cybersecurity governance and operating model for HC, support definition of corporate OT security standards and policies, and collaborate with all Healthcare Functions to ensure all defined controls and measures are implemented and managed
  • Foster OT Cybersecurity as part of the Business mindset by implementing a cybersecurity by-design culture into Business decisions
  • Participate and support major OT security incident handling in accordance with defined processes
  • Periodically benchmark externally on OT cybersecurity systems & measures across the industry and share outcome with internal collaboration partners


Who you are:

Minimum qualifications: 

  • Bachelor’s degree in industrial automation, computer sciences and/or information security or related discipline
  • 10+ years of relevant experience
  • Experience within a Manufacturing Environment/Automation and Robotics
  • Experience in OT Cybersecurity
  • Information Security certifications such as CISM, GICSP, ISA/IEC 62443, CISSP (or equivalent)


Preferred qualifications:

  • Master’s degree in industrial automation, computer sciences and/or information security or related discipline
  • Good knowledge of industry leading Cybersecurity standards and groups: ISA, IEC, ISO, NIST, Namur, ENISA, BSI, and other Critical Infrastructure and Essential Services requirements
  • Knowledge of pharmaceutical environment and related cGMP guidelines and regulations
  • Ability to develop long term visions and strategies, then turn it into execution plan
  • Multicultural experience, fluent in English and at least one additional language
  • Strong collaboration skills in experiences in successful management in a matrix organization across different functions and countries



What we offer: With us, there are always opportunities to break new ground. We empower you to fulfil your ambitions, and our diverse businesses offer various career moves to seek new horizons. We trust you with responsibility early on and support you to draw your own career map that is responsive to your aspirations and priorities in life. Join us and bring your curiosity to life!

Our Benefits - http://jobs.vibrantm.com/emd/content/Benefits-at-a-Glance/?locale=en_US

Curious? Apply and find more information at https://jobs.vibrantm.com


The Company is an Equal Employment Opportunity employer. No employee or applicant for employment will be discriminated against on the basis of race, color, religion, age, sex, sexual orientation, national origin, ancestry, disability, military or veteran status, genetic information, gender identity, transgender status, marital status, or any other classification protected by applicable federal, state, or local law. This policy of Equal Employment Opportunity applies to all policies and programs relating to recruitment and hiring, promotion, compensation, benefits, discipline, termination, and all other terms and conditions of employment. Any applicant or employee who believes they have been discriminated against by the Company or anyone acting on behalf of the Company must report any concerns to their Human Resources Business Partner, Legal, or Compliance immediately. The Company will not retaliate against any individual because they made a good faith report of discrimination.