Job OverviewThe Information Security Risk Analyst is part of the IQVIA information security organization, responsible for maintain and executing IQVIA's risk management program, which is designed to ensure that the company's IT systems and information assets are adequately protected.The individual will be responsible for identifying and evaluating information security risks and controls in a manner that meets IQVIA's regulatory and other compliance requirements. The individual will proactively engage the various clients, business units and other internal departments and organizations to analyse and advise on practices that meet IQVIA's defined policies and standards for information risk management.The ideal candidate will have a background in information security, risk management, and compliance, with the ability to identify vulnerabilities and implement effective security measures. They will demonstrate an ability to work independently and in an organized manner. They will communicate effectively and demonstrate strong technical ability and experience, as well as diplomacy and the ability to work calmly under pressure.Essential ResponsibilitiesConducts comprehensive risk and control assessments and reviews of various operations, including determining scope, assessing risks, executing test procedures, reporting results and making recommendations for improvementEvaluates compliance with legal, regulatory, operational and IT policies and procedures, and partners with stakeholders to develop sustainable remediation plans to security issues and control gaps, and actively drives issues and risks to closureWorks with others to help identify advanced security risks and exposures, determine the causes of security non-compliances, designs and recommends solutions to prevent and mitigate future incidentsFollows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been takenMonitors and tracks supplier security advisories and notificationsPrepares detailed reports on information security risks, findings and recommend actions for senior managementEvolves the risk monitoring program to identify opportunities for enhancements and manages the risk exception processPartners with the technology organization to implement and maintain IQVIA's integrated control framework, which includes requirements from NIST CSF, COBIT, HIPAA and other frameworksQualificationsBachelor's degree in Information Security, Computer Science, or a related fieldEquivalent work experience may substitute for degree3+ years of experience in information security and risk managementStrong knowledge of information security frameworks, standards and best practicesExcellent analytical and problem-solving skillsStrong communication and interpersonal skillsAbility to work independently and as part of a teamProfessional certifications such as CISSP, CISM, CISA or CRISC are a plus

IQVIA is a leading global provider of clinical research services, commercial insights and healthcare intelligence to the life sciences and healthcare industries. We create intelligent connections to accelerate the development and commercialization of innovative medical treatments to help improve patient outcomes and population health worldwide. Learn more at https://jobs.iqvia.com