Manager, Cybersecurity BISP
Description:
Work Flexibility: Hybrid
Job description
The Business Information Security Partner (BISP) will be a trusted advisor to a specified business or function in all areas pertaining to Cybersecurity to help the business achieve their strategic goals.
The BISP will develop and manage business partnerships with the leadership teams to formulate the Cybersecurity strategy in alignment with divisional business strategy and objectives. The BISP will drive key programs to protect Stryker from cyber risk and drive cybersecurity strategies in collaboration with our regional businesses to foster cyber awareness and adherence to security operations.
Key responsibilities include: build strong collaborative relationships with division leadership and teams; provide innovative strategies to stay ahead of emerging cyber threats and trends; educate department heads by providing insights and data on emerging cyber trends; identify opportunities for cyber risk mitigation and prioritizing initiatives; prepare, define, and monitor cybersecurity projects to ensure Stryker’s assets are protected; and, drive clear effective cyber awareness communications across leadership teams..
The role will drive key programs and be the primary point of contact for cybersecurity incidents, as well as, innovation and continuous improvement in cybersecurity, cyber risk and compliance to achieve financial, operational and customer service goals in collaboration with the Cybersecurity teams.
What you will do:
Drive cybersecurity value creation and customer satisfaction for the business
Build and maintain strong relationships with division leadership and act as a liaison between Cybersecurity and the business
Support continuous risk assessment, threat modeling and proactive mitigation strategies in collaboration with the business and Cybersecurity teams
Collaborate with business and Cybersecurity teams to develop and enforce cybersecurity policies, procedures and standards
Serve as POC for incident response management; develop and maintain a comprehensive incident response plan for business users
Manage cybersecurity risks associated with third-party vendors and service providers
Drive adherence to third-party risk assessment process
Assist in the development of metrics used to track value delivery
Identify opportunities where conflicts/synergies/redundancies exist between business capabilities and systems to improve Cybersecurity effectiveness
Liaise with other Cybersecurity, IT and product security stakeholders in project management, architecture and governance to ensure alignment and ensure a smooth integration of process output with the rest of the technology ecosystem
Support geographic execution of Cyber awareness programs
Accountable for delivering adequate business intelligence reporting capability to support the business
Communicate on projects by issuing regular status updates and managing communication within team, business leadership and stakeholders.
Work with colleagues and other stakeholders to enable timely resolution of remediation actions.
Conduct daily monitoring of BitSight vulnerability findings, ensuring timely escalation to the appropriate teams as necessary to address and remediate security issues promptly.
Provide strategic recommendations to enhance security processes, policies, and compliance efforts within a highly regulated industry.
Cross-functional collaboration working closely with cybersecurity teams and other Stakeholders to track remediation efforts, address security gaps, and provide executive-level insights using advanced dashboards and reporting.
Lead key initiatives related to BitSight, and other remediation efforts as needed, ensuring timely execution and delivery of security enhancements that align with the company’s strategic goals.
Research domain ownership and points of contact, facilitating team coordination to track and remediate vulnerabilities, preventing potential security threats.
Work with teams to establish clear objectives, metrics, and deadlines for all BitSight vulnerability management activities. Track progress against these goals and ensure timely completion of all tasks to meet organizational security standards and compliance requirements.
Perform other duties as directed
What you need:
Bachelor’s degree required
Bachelor’s in Business Administration or Computer Information Systems preferred
CISSP preferred
Qualifications & experience:
Minimum of 8+ years of professional work experience required
Knowledge (4+ years) of medical devices and/or pharmaceutical industry and basic knowledge of adjacent areas in terms of processes, organization, products and cybersecurity requirements
Project management experience, working with internal and external cross-divisional team members, preferably with Cybersecurity projects
Ability to work effectively in a matrix organization structure with significant emphasis on collaboration and persuasion, rather than relying entirely on command and control
Strong communication skills with ability to communicate effectively with both divisional leaders and technical teams
Strong presentation and track record of facilitating to various global audiences
Strong analytical and problem-solving skills.
Good business acumen and negotiation skills
Strong organizational capabilities to manage multiple priorities.
Must have strong customer service skills and focus along with excellent communication, interpersonal, and negation skills
Strong analytical and organizational skills
Driven to continually build knowledge and skills
Able to build trusting relationships in and outside of the organization
Versatility, flexibility, and a willingness to work within dynamically changing priorities with enthusiasm
Excellent trainer and has experience with change management
Travel Percentage: 20%
R540057