Job Information
Abeona IT Security & Risk Manager in Cleveland, Ohio
Abeona Therapeutics Inc. (ABEO) is a clinical-stage biopharmaceutical company developing cell & gene therapies for serious and life-threatening diseases. Pz-cel is a genetically engineered, autologous cell therapy for patients with recessive dystrophic epidermolysis bullosa (RDEB).
Job Description
As an IT Security and Risk Manager at Abeona Therapeutics, you will play a critical role in safeguarding our organization’s information assets and ensuring compliance with security standards. You’ll collaborate with cross-functional teams to identify and mitigate risks, implement security measures, and maintain a robust security posture.
Responsibilities:
Develop and implement the organization's information security strategy and roadmap.
Align information security initiatives with business objectives.
Stay current with the latest cybersecurity trends, threats, and technologies.
Establish and enforce information security policies and procedures.
Ensure compliance with relevant regulations and standards (e.g., FDA, 21 CFR Part 1271, 12 CFR Part 600, 21 CFR Part 610, CBER).
Conduct regular security assessments and audits.
Identify and assess information security risks.
Develop and implement risk mitigation strategies.
Monitor and report on the status of risk mitigation efforts.
Develop and maintain an incident response plan.
Lead and coordinate the response to security incidents.
Conduct post-incident analysis and implement improvements.
Promote a culture of security awareness across the organization.
Develop and deliver security training programs for employees.
Design and implement a secure information architecture.
Evaluate and recommend security technologies.
Assess and manage the security posture of third-party vendors.
Ensure vendors comply with security requirements.
Requirements:
Bachelor’s degree in Information Security, Computer Science, or a STEM related field.
Industry certifications such as CISSP, CISM, or CISA are preferred.
A minimum of 5 years of experience in information security
Experience in developing and implementing information security programs.
Strong understanding of security technologies and tools.
Knowledge of network security, encryption, authentication, and security protocols.
Excellent communication and interpersonal skills.
Ability to communicate complex security concepts to non-technical stakeholders.
Strong leadership and management skills.
Powered by JazzHR