Cyber Security Improvement Program Lead, Roche Diagnostics
Considering the increasing importance and criticality of product cyber security, the Roche Diagnostics Leadership Team has decided to launch the Roche Diagnostics Cyber Security Improvement Program (RDSIP) to enhance cyber security measures related to our products and solutions, moreover under the mandate of SIS to establish and provide the respective standards and governance.
For this the Roche DIA Cyber Security Improvement Program will run a set of change management projects for technical standards, redefining processes, run communication and awareness campaigns, distribute lessons learnt, develop cyber security best practices and run a set of technical and non-technical pilot projects in various Roche DIA entities. This program shall enable the business areas to comply with cyber security requirements and customer expectations with the outcome to become prepared for Roche DIA being a leader in digital diagnostics.
The role`s mission is to manage and lead the Roche DIA Cyber Security Improvement Program by setting up a program roadmap, decide on program projects and budgets, align and coordinate on projects or subprojects engaged with the Roche DIA Cyber Security Improvement Program and in relation to it.
The details below describe the responsibilities for this role:
Assume overall accountability for program outcome, coordinating a group of related projects and subprojects to obtain benefits and control
Focus coordination efforts on project interdependencies relating to resource constraints and alignment of strategic directions addressing escalated issues and facilitating resolution in a shared program steering committee
Manage and oversee the RDSIP steering committee and ensure proper stakeholder management.
Work closely with the business areas and business functions engaged in cyber security and digital transformation to map program projects to customer, regulatory and business requirements
Lead maturity reviews in program projects or subprojects to provide recommendations as to whether they should continue or be significantly changed
Lead the Roche DIA Cyber Security Improvement Program and its Program Management Office according to agreed milestones and prepared deliverables by the Program Manager
Decide and review required program resources based on provided decision and recommendation matrix developed by the Program Manager
Closely liaise with the Program Manager to ensure alignment of the overall program approach, objectives, budget, resources, timeline and delivery aspects in respect to the agreed program governance through the steering committee
Ensure the adherence and alignment to the appropriate Roche DIA governance functions (Legal, HR, IT) relating to RDSIP and in accordance with company guidelines, policies and practices
Ensure the oversight and coordination of dependencies across other projects, initiatives and related Roche DIA divisional programs relating to RDSIP and resolve or escalate conflicts
Direct the development and maintenance of communications and reporting around the RDSIP projects to stakeholder and/or governance boards, the steering committee and senior executives
Perform Security Awareness presentations and display latest advancements in cyber security
Who you are
You are someone who wants to influence your own development. You are looking for a company where you have the opportunity to pursue your interests across functions and geographies, where a job title is not considered the final definition of who you are but the starting point.
To be successful in this role, you need to bring:
10+ years of experience in Information Technology (IT), product and cyber security across different businesses, functions, sites and countries and addressing complex cyber security topics at various management levels
Proven experience and deep understanding in cyber security program technical aspects
Demonstrated ability in implementing complex IT and cyber security projects (IoT, embedded, safety critical products, digital cloud and big data platforms)
Experience in effectively managing cross-functional virtual teams
Ability to influence senior executives and decision makers by transferring technical cyber security knowledge and technical innovations to management level understanding
Experience in product management and product life-cycle management
Extensive know-how in IT, product and cyber security
Solid knowledge in cloud based services
Solution-focused mindset, ability to take decisions quickly
Highly result oriented with proven ability to work against aggressive timelines
Understanding of product life-cycle management and digital supported services
Willingness to travel 20 to 40% of your time
Possess at least one of the cyber security certifications ISO27001 Lead Auditor, CISSP, CISA or CISM