Lantheus is headquartered in Bedford, Massachusetts with offices in New Jersey, Canada, and Sweden. For more than 60 years, Lantheus has been instrumental in pioneering the field of medical imaging and have helped physicians enhance patient care with our broad product portfolio.
Lantheus is an entrepreneurial, agile, growing organization that provides innovative diagnostics, targeted therapeutics, and artificial intelligence (AI) solutions that empower clinicians to find, fight and follow disease. Lantheus is in search of an innovative, transformative, high-energy, experienced Chief Information Security Officer.
The Chief Information Security Officer (CISO) is responsible for the enterprise-wide information security policy, information security strategy, information security architecture, information security operations, and information security risk management. They will oversee and coordinate security initiatives working with executive, business and functional leaders and staff. The CISO will provide vision and leadership necessary to manage risk to the organization to ensure business alignment, effective governance, operational efficiency and performance monitoring and measurement. The CISO will provide executive level decision support through both informal and formal means, including but not limited to executive level metrics, dashboards, risk analysis and mitigation, acceptance and reporting.
Responsibilities:
- Provide vision and leadership to develop and execute on an enterprise information security strategy and roadmap. Align with enterprise business strategy, gain executive approval and support, and oversee successful execution.
- Develop and maintain practical and actionable information security policy and standards that reflect the needs of the business while keeping pace with changes in the business environment, technology and threats in order to effectively mitigate and manage risk to the business.
- Develop and maintain a highly qualified staff of information security professionals across the enterprise. Build and maintain executive relationships necessary for the successful execution of the information security program.
- Develop and implement an information security risk profile that prioritizes risk and the investment and financial strategy required to mitigate those risks.
- Create and maintain security architecture for the enterprise and participate in the solution selection and process development.
- Develop security requirements for information technology infrastructure initiatives, selected enterprise applications and, as appropriate, review and approve security design of initiatives.
- Measure compliance with policy as part of assessing the overall security risk posture of the enterprise, and initiate programs to achieve and maintain an adequate security posture.
- Develop and maintain external and internal relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities.
- Leverage information security investments to enhance business, administration and compliance processes.
- Develop and employ an ongoing information security communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups.
- Develop and make available a catalog of security services to support company and business unit security needs.
- Develop and maintain a responsive and effective information security incident response and management capability that will identify, contain and resolve information security incidents.
Qualifications:
- Bachelor’s degree in computer science, information systems, engineering, business administration or a related field is required.
- Minimum of 10 years executive leadership in information security policy, standards, architecture, technology and programs.
- Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management.
- Must have a track record of developing and implementing a comprehensive strategy and plan for managing information security.
- Ability to gather, analyze and interpret business drivers and developing practical security solutions that provide adequate security to support the business.
- Possess a good understanding of appropriate leading-edge technologies.
- Known to relevant technology companies as a thought leader around security, privacy and supporting technologies.
- Demonstrated ability to build effective, cohesive and collaborative management team.
- Extensive experience building and managing a diverse and inclusive team environment with strong commitment to respect, equality and teaming.
- Strong demonstrated ability to skillfully hire, develop, lead, motivate, performance manage, and coach a cross-section of security and technology professionals and managers.
Competencies for success:
- Leadership skills: Must have the proven ability to lead the development, planning, coordination, and monitoring of all security and information security risk management-related process, technology and operations, and be a key part of the overall leadership for all aspects of information security. This leader will be known as a collaborative and influential executive who can serve as an effective member of the executive management team at BCBSM. Must be able to communicate effectively regarding security, privacy, risk, compliance, strategy and the required investments to senior business leaders.
- Security knowledge: Able to draw upon proven experience to recommend and gain buy-in to numerous information security policies and solutions. They will be able to lead a team by demonstrating subject matter expertise. This individual is able to represent the interests of the organization and gain support from stakeholders.
- Ability to deliver: This individual will have the proven ability to lead large, complex projects across various business and functional departments as they pertain to risk and security matters. They can create a project management mindset with clearly objectives, goals and process.