SAI Life Sciences
Website: sailife.com
Job details:
Key Responsibilities:
Security Strategy & Governance
- Develop, execute, and continuously improve the enterprise information security strategy, policies, and procedures aligned with business objectives.
- Lead the implementation and maintenance of the ISO 27001 Information Security Management System (ISMS) and ensure ongoing compliance with relevant regulatory standards, including GDPR, HIPAA, FDA 21 CFR Part 11, PCI-DSS, NIST, and SOC 2.
- Conduct internal audits, gap analyses, and readiness assessments for certifications, and develop policies, procedures, and controls to maintain compliance.
- Establish crisis management, business continuity, and incident reporting frameworks.
Security Operations
- Oversee SOC operations, SIEM monitoring, threat detection, and incident response.
- Lead vulnerability management and penetration testing programs.
- Coordinate response to cyber incidents and forensic investigations.
- Manage third-party security risks and vendor assessments.
Regulatory & Compliance Management
- Ensure compliance with pharmaceutical and healthcare regulatory requirements.
- Support internal and external audits, inspections, and certifications.
- Collaborate with Quality Assurance and Regulatory Affairs teams during validation activities.
- Maintain documentation for CSV/CSA-related security controls.
Risk Management & Security Operations
- Manage enterprise risk assessment and mitigation strategies, including vulnerability management, threat intelligence, and incident response.
- Oversee day-to-day security operations, including monitoring, detection, response to breaches, cyber threats, and forensic investigations.
- Lead investigations of security incidents and develop mitigation and remediation plans.
- Monitor emerging security technologies, evaluate their applicability, and recommend upgrades or enhancements to strengthen security posture.
Team Leadership & Collaboration
- Lead, mentor, and manage the IT Security team, providing guidance, performance management, and professional development.
- Collaborate with IT, DevOps, and business teams to integrate security into the software development lifecycle (SDLC), cloud environments, and enterprise applications.
- Provide guidance and training to employees on security best practices, policies, and protocols.
Technology & Solutions Management
- Evaluate, recommend, and oversee the deployment of cybersecurity solutions, including network security, data protection, endpoint security, and identity and access management (IAM).
- Ensure continuous improvement of security tools, frameworks, and processes to protect sensitive data, intellectual property, and critical business assets.
- Secure hybrid infrastructure, including on-prem data centres, cloud platforms (AWS, Azure, GCP), SaaS platforms, laboratory systems,
- Oversee IAM, PAM, endpoint security, network segmentation, and zero-trust initiatives.
- Implement security controls for OT/ICS environments in manufacturing plants.
Reporting & Communication
- Prepare and present detailed reports on security metrics, risk posture, compliance status, and remediation plans to senior leadership and stakeholders.
- Maintain detailed incident reports, compliance documentation, and audit records.
Qualifications & Skills:
- Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
- 12+ years of experience in information security.
- Strong knowledge of cybersecurity frameworks, risk management, and regulatory compliance.
- Hands-on experience with security technologies such as SIEM, firewalls, IDS/IPS, DLP, IAM, encryption, endpoint security, and cloud security (AWS, Azure, GCP).
- Proven experience in incident response, forensic investigations, vulnerability management, and business continuity planning.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- ISO 27001 Lead Implementer / Auditor
- CEH (Certified Ethical Hacker) or equivalent
Skills & Competencies:
- Strong leadership and team management abilities.
- Strategic thinking and ability to align security initiatives with business objectives.
- Excellent analytical, problem-solving, and decision-making skills.
- Effective communication skills for both technical and non-technical audiences.
- Ability to manage multiple priorities and lead complex security projects.