Fortrea

As a leading global contract research organization (CRO) with a passion for scientific rigor and decades of clinical development experience, Fortrea provides pharmaceutical, biotechnology, and medical device customers a wide range of clinical development, patient access and technology solutions across more than 20 therapeutic areas. With over 19,000 staff conducting operations in more than 90 countries, Fortrea is transforming drug and device development for partners and patients across the globe.

Are you ready to redefine what’s possible, and discover your extraordinary potential at Fortrea?

The Associate Director of cybersecurity Services is a leader responsible for evaluating the security profile and risks of Fortrea’s applications and business critical environments. This individual will lead a team of cybersecurity analysts to develop and maintain thorough and consistent processes for security assessment and assurance.

The Associate Director will partner with Fortrea technology teams to review the security of solutions while enabling the business to deliver at speed. The Associate Director will collaborate closely with other cybersecurity towers such as Architecture, Engineering, Operations, Identity & Access Management (IAM), and Governance, Risk & Compliance (GRC) to ensure alignment with security and compliance capabilities. 

Fortrea is a company dedicated to the idea that people at all levels of our organization should reflect the communities we serve. Diversity, equity, inclusion, and belonging are more than just concepts; they are woven into our DNA. We believe in cultivating a workspace where all employees can thrive.

Our mission is to help our clients bring the miracles of medicine to market sooner -- join us for your next career move.

Responsibilities include, but are not limited to:

• Serve as a central point of contact for initial Cybersecurity Services needs for business and operational units.
• Build and lead a team of Security Analysts focused on delivering a high-quality customer experience as well as consistent and comprehensive deliverables.
• Establish, promote, and evolve the Security Services program and model, building and maintaining strong relations with Business Units and technology teams.
• Create and maintain a lightweight threat modelling process for rapid application/project reviews
• Develop and maintain a security risk assessment process to ensure adherence with security policies and standards
• Ensure appropriate security controls are incorporated into the design and operations of new technologies and systems
• Validates controls associated with security requirements are in place and effective through review of evidence
• Document outcomes of risk assessments and maintain a risk register
• Promote the CyberSecurity Culture within the business, application, cloud, infrastructure, and technology teams
• Stays current with Industry trends and emerging threats within the Cybersecurity space and related application, cloud, infrastructure, and technology areas
• Lead initiatives for continuous training and development of the team, leveraging both internal and external resources
• Establish and track performance measures, and report to stakeholders, ensuring transparency and continuous improvement

Qualifications :

• Minimum of High School diploma or equivalent required
• Bachelor’s degree or equivalent
• Ability to interface with business and technical teams providing support and guidance for security reviews
• Excellent oral and written communication skills with the ability to translate technical security risks to leadership
• Ability to think strategically, innovatively, and execute effectively.
• Proven experience in collaborating across various IT and business domains at both the SME level and leadership

Experience : 

• Minimum 5 years’ experience in Cybersecurity required.
• Minimum 2 years people leadership and performance management
• Experience documenting business and security requirements
• Experience developing and maintaining request intake forms and processes
• Experience identifying and communicating CyberSecurity risks in solutions
• Ability to validate evidence of security controls meet stated requirements
• Strong domain experience and understanding in some of the following areas: 
• Application, API, and Container Security and relevant technologies
• Cloud Security including IaaS, PaaS, and SaaS
• Data storage technologies and access controls
• Data Protection technologies and approaches
• DevSecOps, SDLC, and Vulnerability Management
• Identity and Access Management methods, protocols, and technologies
• Security technologies such as CASB, DLP, Firewalls, IDS, SIEM, WAF

Preferred Qualifications

• Master’s degree preferred
• CISSP or CISM Preferred

Physical Demands / Work Environment:

• Ability to work remotely, communicate verbally, in writing, and view on screen content

Fortrea is looking for problem-solvers and creative thinkers who are passionate about breaking down barriers faced by sponsors of clinical trials, and who are committed to helping transform the development process to get promising life-changing ideas and therapies to patients faster. Join us as we cultivate a workspace where all employees have the opportunity to grow and make impacts on a global scale.

For more information about Fortrea, visit www.fortrea.com.

#LI-REMOTE

Fortrea is actively seeking motivated problem-solvers and creative thinkers who share our passion for overcoming barriers in clinical trials. Our unwavering commitment is to revolutionize the development process, ensuring the swift delivery of life-changing ideas and therapies to patients in need. Join our exceptional team and embrace a collaborative workspace where personal growth is nurtured, enabling you to make a meaningful global impact. For more information about Fortrea, visit www.fortrea.com.

Fortrea is proud to be an Equal Opportunity Employer:

As an EOE/AA employer, Fortrea strives for diversity and inclusion in the workforce and does not tolerate harassment or discrimination of any kind. We make employment decisions based on the needs of our business and the qualifications of the individual and do not discriminate based upon race, religion, color, national origin, gender (including pregnancy or other medical conditions/needs), family or parental status, marital, civil union or domestic partnership status, sexual orientation, gender identity, gender expression, personal appearance, age, veteran status, disability, genetic information, or any other legally protected characteristic. We encourage all to apply.

For more information about how we collect and store your personal data, please see our Privacy Statement.