Cybersecurity, Governance & Assurance Manager

Role Summary

Lead Perrigo’s global cybersecurity governance and assurance program, ensuring strong policies, compliance, vendor risk oversight, and security awareness across IT and manufacturing environments. Functionally lead a team of information security professionals to deliver governance and assurance objectives.

Responsibilities

• Update Global and EU Information Security Policies; draft and maintain SOPs and standards.
• Define board-level KPIs and dashboards; represent Security Governance on the Perrigo Compliance Committee (quarterly).
• Create and publish the monthly cybersecurity newsletter; manage phishing simulations; oversee quarterly security training and annual privileged access training.
• Perform vendor security risk assessments; review MSAs for security clauses; respond to vendor questionnaires; monitor high-risk vendors quarterly.
• Conduct security assessments for vendor applications; participate in Digital Review Board bi-weekly meetings.
• Execute internal security audits; maintain audit readiness for ISO 27001, SOX ITGC, GDPR, and other regulations.
• Partner with audit, compliance, privacy, and legal teams.
• Functionally lead a team of information security members to deliver governance and assurance initiatives.
• Collaborate across IT and business units to promote awareness of information security and its role in protecting Perrigo‚Äôs data and technology assets.
• Cybersecurity Assurance and Operational Technology (OT) Security Assurance: Oversee assurance activities across IT and OT environments.
• Stay current with emerging technologies (e.g., artificial intelligence) and proactively recommend security and risk management strategies that align with and support business objectives.

Qualifications

• Proven experience in cybersecurity assurance and OT security assurance leadership.
• Certifications: CISSP, CISM, CRISC, IAPP, ISO 27001 Lead Auditor preferred.
• Strong executive communication and stakeholder management skills.
• Bachelor's degree in a related field; minimum of 5+ years in cybersecurity and 2+ years in a governance/assurance leadership role.