Company Information
At Advarra, we are passionate about making a difference in the world of clinical research and advancing human health. With a rich history rooted in ethical review services combined with innovative technology solutions and deep industry expertise, we are at the forefront of industry change. A market leader and pioneer, Advarra breaks the silos that impede clinical research, aligning patients, sites, sponsors, and CROs in a connected ecosystem to accelerate trials.
Company Culture
Our employees are the heart of Advarra. They are the key to our success and the driving force behind our mission and vision. Our values (Patient-Centric, Ethical, Quality Focused, Collaborative) guide our actions and decisions. Knowing the impact of our work on trial participants and patients, we act with urgency and purpose to advance clinical research so that people can live happier, healthier lives.
At Advarra, we seek to foster an inclusive and collaborative environment where everyone is treated with respect and diverse perspectives are embraced. Treating one another, our clients, and clinical trial participants with empathy and care are key tenets of our culture at Advarra; we are committed to creating a workplace where each employee is not only valued but empowered to thrive and make a meaningful impact.
Job Overview Summary
The Cyber Security Senior Manager will own the Enterprise GRC Platform engineering efforts and serve as the designated Business Information Security Officer (BISO) for the Ireland office, aligning enterprise security and risk objectives with local operations and ensuring adherence to regulatory and corporate compliance requirements. Reporting directly to the Senior Director, Enterprise Security Governance, Risk, and Compliance, the BISO acts as the primary security liaison, overseeing local execution of global security programs, owning global GRC tool administration and workflows, and supporting risk management, policy adoption, and audit readiness. This role requires strong expertise in IT and security risk, effective communication with business and technology leaders, and the ability to embed security and compliance into daily operations while enabling business goals.
Job Duties & Responsibilities
* Serve as the primary security liaison for the Ireland office, ensuring alignment of local operations with global enterprise security, risk, and compliance strategy.
* Own and administer the enterprise GRC platform, including user access, workflows, control mapping and integrations, and reporting to support risk, compliance, and audit readiness.
* Provide dashboards, training, and governance to ensure consistent alignment with Advarra standards and regulatory frameworks (e.g., GDPR, ISO 27001, SOC 2, NIST).
* Partner with the IT, Compliance and Privacy Offices to assist and lead risk management efforts, including stakeholder feedback and alignment.
* Act as the local CSIRT lead and escalation point for regional incident response, including maintaining plans, playbooks, and logging/reporting mechanisms.
* Act as the point of contact for regional IT Security and risk audits, assessments, and compliance reviews, coordinating with Internal Audit, Legal, and Enterprise Security to address findings and remediation.
* Oversee and provide governance for Business Continuity Planning (BCP) and Disaster Recovery (DR) activities led by IT and operations, ensuring alignment with enterprise resilience expectations.
* Help coordinate the policy governance lifecycle, including communication, awareness, and enforcement of enterprise security and compliance policies.
* Champion awareness, training, and workforce engagement to ensure staff understand their security responsibilities and adopt risk-aware behaviors.
* Partner with local business leaders to embed security and compliance requirements into local projects, operations, and technology initiatives.
* Support continuous improvement initiatives that strengthen security posture and operational efficiency for the Ireland office.
* Perform other duties as assigned to support enterprise Governance, Risk, and Compliance objectives.
Location
This role is open to candidates working hybrid in Limerick, Ireland.
Basic Qualifications
* 10 years of related experience with a Bachelor's degree; or 8 years and a Master's degree; or a PhD with 4 years' experience; or equivalent experience
* 5+ years of leadership experience in Enterprise Risk Management, IT Risk, Information Security, Compliance, or Governance
* 4+ years of previous experience in an FDA-regulated and ISO 9001/ISO 27001 environment.
* Experience in developing, implementing, and managing enterprise-wide risk management frameworks, policies, and governance programs.
* Expert working knowledge of relevant authoritative source material (e.g., ISO 27001, HITRUST, HIPAA, PCI, GDPR, etc.) and industry best practices (e.g., NIST, FIPS, FISMA, COBIT, ITIL, State/FedRAMP, etc.)
Preferred Qualifications
* Professional certifications preferred, such as:
  * Certified Information Systems Security Professional (CISSP)
  * Certified Information Security Manager (CISM)
  * Certified in Risk and Information Systems Control (CRISC)
  * Certified Internal Auditor (CIA)
  * ISO 27001 Lead Implementer / Lead Auditor, or equivalent
* Expert working knowledge of security, governance, risk, compliance and privacy concepts and practices as they apply to health care and information technology
* Experience managing large, complex and high-visibility projects.
* Experience with stakeholder engagement, negotiation, and influence across technical and non-technical audiences.
* Excellent communication and organizational skills and superb attention to detail
* Experience in project management, change management, and staff training
* Expert leadership skills with the ability to work effectively at all levels of the organization
* Strong analytical, problem-solving, and decision-making skills.
* Working knowledge of cloud technologies like AWS, CSPM, etc.
* Proven ability to lead cross-functional initiatives and manage diverse stakeholder groups across business, IT, and compliance functions.
Physical And Mental Requirements
* Sit or stand for extended periods of time at a stationary workstation
* Regularly carry, raise, and lower objects of up to 10 lbs.
* Learn and comprehend basic instructions
* Focus and attention to tasks and responsibilities
* Verbal communication; listening and understanding, responding, and speaking
Advarra is an equal opportunity employer that is committed to diversity, equity and inclusion and providing a workplace that is free from discrimination and harassment of any kind based on race, color, religion, creed, sex (including pregnancy, childbirth, and related medical conditions, sexual orientation, and gender identity), national origin, age, disability or genetic information or any other status or characteristic protected by federal, state, or local law. Advarra provides equal employment opportunity to all individuals regardless of these protected characteristics. Further, Advarra takes affirmative action to ensure that applicants and employees are treated without regard to any of these protected characteristics in all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation, benefits, and separation from employment.