Director, Information Risk & Compliance

Wood Dale, IL, USA | SCIEX

  • Industry:
    Pharmaceutical / Biotech
  • Position Type:
  • Functions:
    General Management
    Risk Management
    Legal / Compliance
  • Experience:
    10-12 years
Job Description:

We are currently seeking a Director, Information Risk & Compliance to lead the information risk management program within the Danaher Information Security organization. This leadership role will oversee the effective identification, assessment, monitoring, and reporting of risk and the surrounding controls environment across the Danaher organization. Reporting directly to the Global CISO, this role leads a small team to bring thought leadership and analytical risk quantification together in partnering with business stakeholders to deliver effective cyber risk management practices.


Build and maintain a scalable, sustainable, and robust cyber risk management program including governance, assessment, monitoring, and reporting procedures

Develop, measure, and maintain a security controls framework that consists of standards, measures, practices, and procedures that provides assurance of compliance to regulatory requirements (NIST CSF & 800-53, ISO 27001, PCI, CCPA, and SOX)

Build a robust third-party supplier risk program to quantify and recommend compensating controls or risk mitigation techniques to reduce inherent risk within business operations

Establish a Data Protection Program to drive a data-driven approach for classifying, discovering, enforcing, and maintaining company data through the data management lifecycle

Create and maintain security policies, procedures, and standards to govern application and enforcement of the controls environment

Ensure timely and effective continuous risk monitoring, measurement, and tracking through external service providers for current and emerging threats and impact on business objectives

Lead a small team of direct reports and, through influence, lead operating company personnel in managing risk to acceptable levels

Maintain, track, and improve KPIs and KRIs tied to effectively operating the cyber risk management program


Bachelor's degree in computer science, technology or related field

Relevant security certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK, etc.) are a plus 

Minimum 10 years’ experience in Information Security and/or IT Risk/Audit organizations

Leadership experience in a large, matrixed organization

Experience assessing administrative and technical controls impact on risk and translating resulting impact to non-technical stakeholders

Experienced rolling out risk management frameworks such as FAIR or OCTAVE in an enterprise environment

Experienced with security control frameworks including: NIST Cybersecurity Framework, SOX, SOC 2, NIST 800-53, ISO 27001, and PCI

Knowledgeable on IT General Controls and applicability to IT SOX compliance requirements

Strong understanding of the terminology, concepts, IT controls and best practices across key risk areas including risk assessment methodologies, identity and access management, cloud/SaaS, application security, data loss prevention, networks, systems design and operations, and incident management

• Periodic travel up to 20% of time

Important Competencies

Ability to learn and adapt to new requirements and priorities while driving to consistent outcomes

Proven ability to drive cultural change across an organization in achieving a risk-based decision-making culture

Demonstrated ability to analyze complex matters and produce detailed and prioritized actions to a defined conclusion

Demonstrated strategic thought leader experienced in leading organizational change and applying creative problem-solving approaches to deliver intended outcomes

Experienced managing a team of direct reports and well versed in leading through influence to achieve a common objective

Self-motivated, able to work independently and with a team 

Ability to communicate complex technical concepts in a comprehensible manner to non-technical people

Excellent communication skills, written and verbal
