Manager, Revenue Accounting - MGI Pharma - Bloomington, MN

Information Security Officer - MGI Pharma - Bloomington, MN

Position Overview

The Information Security Officer will assume overall responsibility for the central data security and privacy policies, architecture, and procedures. In addition, they will work with IT Operations and IT management to create, document, implement, and manage policies, procedures, and practices that ensure the availability, integrity, and privacy of information assets on centrally managed computer systems as well as assist in the compliance and adherence of relevant information technology laws and policies.

Critical Performance Areas

1. The Information Security Officer monitors all MGI enterprise networks and applications to identify security deficiencies and then remediate, or consults on appropriate remediation.

2. This position also leads the development of a security architecture in line with the overall information technology (IT) strategy, business objectives and the regulatory environment.

3. Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.

Essential Job Functions

· Analyze and evaluate IT security risks and controls within the MGI infrastructure

· Perform risk and security assessments, as well as tool evaluation

· Design and guide the implementation of information protection architecture and security

· Provide IT risk reduction recommendations

· Ensure that new technical and application tools incorporate appropriate security controls

· Provide Managerial and Technical guidance and manage all aspects of security projects

· Monitor changes in legislation and accreditation standards that affect information security

· Initiate, facilitate, and promote activities to foster information security awareness within MGI Pharma

· Prepare detailed status reports at the engineering, managerial, and executive levels

· Contribute to strategic planning while ensuring that deliverables meet business requirements

· A wide degree of creativity and latitude is expected

· Contribute to a positive team attitude

· Other duties as Required.
REQUIREMENTS


· 4-year college degree

· CISSP, CISA, and/or CCNA certification

· 7 to 10 years experience related to the duties and responsibilities specified.

· 5+ years experience within the Information Security field

· Knowledge of current technological trends and developments in the area of information security.

· Working knowledge of a broad range of relevant systems platforms, to include Solaris, Windows, Linux, PC, enterprise Data Storage, and Internet Services

· Knowledge of IT security products and techniques, network infrastructure, applications, and equipment pertinent to a large, distributed, heterogeneous computing environment.

· Expertise in systems level management of Solaris, Linux, and Microsoft operating systems.

· Ability to appropriately identify and assess user work patterns, information usage and requirements, as well as IT security constraints

· Ability to plan, implement, test, and monitor information security solutions

· Ability to make financial evaluations and develop proposals regarding current/future systems capabilities and requirements

· Ability to plan, design, develop, and manage integrated security systems solutions to organizational requirements.

· Ability to develop and write systems and applications security policies, documentation, and guidelines for technical staff and users.

· Experience with change management and project management.

· Successful candidates must have strong customer service skills, including the ability to work with technical and non-technical users at all levels of the organization.

· This role requires solid verbal and written communication skills, good negotiating skills, and the ability to manage multiple priorities successfully

Other Desired Skills/Abilities

· Working knowledge of regulatory requirements (Sarbanes-Oxley, 21 CFR Part 11, HIPAA)

· Applied knowledge of WAN/LAN technologies: TCP/IP, IPSEC, VPN, PROXY, DHCP, DNS, WINS, SMTP, SSL

· Strong understanding of Cisco network equipment, CheckPoint, routers, switches, firewall, VPN concentrators

· Experience with IDS/IPS and other security mechanisms

NOTE: This job description is not intended to be all-inclusive. Associate may perform other duties to meet the ongoing needs of the organization.

AN EQUAL OPPORTUNITY EMPLOYER