Chief Information Security Officer & Chief Security Officer

Paris - France

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Title:

Chief Information Security Officer & Chief Security Officer

Company:

Ipsen Pharma (SAS)

About Ipsen:

Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology Rare Disease and Neuroscience. Supported by nearly 100 years of development experience with global hubs in the U.S. France and the U.K we tackle areas of high unmet medical need through research and innovation.

Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries. We build a workplace that champions human-centric leadership and fosters a culture of collaboration excellence and impact. At Ipsen every individual is empowered to be their true selves grow and thrive alongside the companys success. Join us on our journey towards sustainable growth creating real impact on patients and society!

For more information visit us at follow our latest news on LinkedIn and Instagram.

Job Description:

The Chief Information Security Officer / Chief Security Officer (CISO / CSO) is accountable for security for Ipsen Group. The role holder leads the multidisciplinary Global Security team who cover all aspects of security: cyber data manufacturing physical anti-counterfeit travel and corporate investigations. Acting as a figurehead to the Executive the CSO / CISO is responsible for building out proportionate and effective security controls with key teams (including IT Real Estate and affiliates) and in line with corporate risk tolerance. A key aspect of the role is leading the detection and response of security incidents (in whatever form) globally and ensuring that Group business priorities can continue without the fear of security compromise. Leading the Global Security team means stretching and retaining a diverse and high performing team managing budget priorities as well as acting as a figurehead within the General Counsel Leadership Team and broader Global Leadership Team.

Main Responsibilities & Technical Competencies

Enterprise Security Strategy

Define and implement the organisations global security strategy aligned with enterprise risk management regulatory obligations and business priorities.

Enterprise security architecture and converged security strategy
Security governance aligned to NIST CSF and related standards
Enterprise risk assessment and cyber risk quantification
Security maturity modelling and capability development
Security investment prioritisation and program governance

Physical Security and Global Security Programs

Establish and maintain a global Site Assurance Program applying proportionate risk-based physical security standards across facilities and operations.

Physical security systems including access control CCTV and intrusion detection
Facility risk and vulnerability assessment methodologies
Integration of physical security monitoring with enterprise security operations
Security technology platforms and analytics

Executive Protection

Lead a comprehensive Executive Protection Program supporting senior leaders and other high-risk individuals.

Protective intelligence and threat assessment
Executive risk management and secure travel planning
Digital exposure monitoring and threat detection

Global Travel Protection

Protect employees travelling internationally through proactive risk management and rapid incident response.

Travel risk intelligence platforms and geopolitical monitoring
Real-time traveller tracking and emergency notification systems
Crisis coordination and duty-of-care technologies

Security Awareness and Human Risk

Build a strong security culture through targeted risk-based awareness and education programs.

Human risk management frameworks
Phishing simulation and behavioural security analytics
Enterprise security awareness platforms and program metrics

People-Centred Security Controls

Strengthen organisational resilience through intelligent security controls that reduce human-driven risk.

Insider threat detection and behavioural monitoring
Data loss prevention and adaptive authentication technologies

Product Security and Anti-Counterfeit

Protect products supply chains and brand integrity from counterfeiting diversion and illicit trade.

Product authentication technologies
Supply chain security and monitoring frameworks
Intelligence collection and analysis on illicit trade networks
Investigative collaboration with regulatory and law enforcement agencies

Corporate Investigations

Oversee global investigative capabilities addressing serious misconduct fraud and security incidents.

Investigation governance frameworks and case management systems
Digital forensics and evidence handling standards
Investigative analytics and intelligence reporting
Development of a global Centre of Investigative Excellence

Cyber Risk Identification

Identify and assess cyber risks to systems data and supply chains.

Enterprise asset and data classification frameworks
Threat modelling and attack surface management
Third-party and supply chain security risk assessment
Regulatory and policy compliance management

Protection and Resilience

Implement controls to protect systems networks and information assets.

Identity and access management and privileged access controls
Encryption data protection and information governance
Security architecture across cloud network endpoint and OT environments

Detection Response and Recovery

Ensure rapid detection containment and recovery from cyber incidents.

Security Operations Centre (SOC) operations and SIEM platforms
Threat intelligence and threat hunting capabilities
Incident response frameworks and digital forensics
Disaster recovery and cyber resilience planning

Leadership and Governance

Provide visible leadership for the global security function and serve as the principal advisor on security risk to senior leadership and the Board.

Set strategic direction and oversee operational performance across all security domains
Build and develop high-performing multidisciplinary security teams
Manage security investments budgets and resource allocation
Support the Global Corporate Leadership Team (GCLT)
Lead engagement with the Global Leadership Team (GLT) Executive Leadership Team (ELT) and Board Committees
Act as the senior figurehead for security across the Group
Enterprise security program management
Security performance metrics and reporting
Board-level cyber risk communication and governance

Nous nous engageons à créer un lieu de travail où chacun se sent écouté valorisé et soutenu où nous incarnons The Real Us*. La valeur que nous accordons aux différentes perspectives et expériences motive notre engagement en faveur de linclusion et de légalité des chances. Lorsque nous intégrons des modes de pensée diversifiés nous prenons des décisions plus réfléchies et découvrons des solutions plus innovantes. Ensemble nous nous efforçons de mieux comprendre les communautés que nous servons. Cela signifie que nous voulons également vous aider à donner le meilleur de vous-même lorsque vous postulez à un poste chez nous. Si vous avez besoin daménagements ou daide pendant le processus de candidature veuillez en informer léquipe de recrutement. Ces informations seront traitées avec soin et nauront aucune incidence sur le résultat de votre candidature. *Soyons nous-même

Required Experience:

Chief

Title:Chief Information Security Officer & Chief Security OfficerCompany:Ipsen Pharma (SAS)About Ipsen:Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology Rare Disease and Neuroscience. Supported by nearly 100 years of d...

Title:

Chief Information Security Officer & Chief Security Officer

Company:

Ipsen Pharma (SAS)

About Ipsen:

For more information visit us at follow our latest news on LinkedIn and Instagram.

Job Description:

Main Responsibilities & Technical Competencies

Enterprise Security Strategy

Define and implement the organisations global security strategy aligned with enterprise risk management regulatory obligations and business priorities.

Enterprise security architecture and converged security strategy
Security governance aligned to NIST CSF and related standards
Enterprise risk assessment and cyber risk quantification
Security maturity modelling and capability development
Security investment prioritisation and program governance

Physical Security and Global Security Programs

Establish and maintain a global Site Assurance Program applying proportionate risk-based physical security standards across facilities and operations.

Physical security systems including access control CCTV and intrusion detection
Facility risk and vulnerability assessment methodologies
Integration of physical security monitoring with enterprise security operations
Security technology platforms and analytics

Executive Protection

Lead a comprehensive Executive Protection Program supporting senior leaders and other high-risk individuals.

Protective intelligence and threat assessment
Executive risk management and secure travel planning
Digital exposure monitoring and threat detection

Global Travel Protection

Protect employees travelling internationally through proactive risk management and rapid incident response.

Travel risk intelligence platforms and geopolitical monitoring
Real-time traveller tracking and emergency notification systems
Crisis coordination and duty-of-care technologies

Security Awareness and Human Risk

Build a strong security culture through targeted risk-based awareness and education programs.

Human risk management frameworks
Phishing simulation and behavioural security analytics
Enterprise security awareness platforms and program metrics

People-Centred Security Controls

Strengthen organisational resilience through intelligent security controls that reduce human-driven risk.

Insider threat detection and behavioural monitoring
Data loss prevention and adaptive authentication technologies

Product Security and Anti-Counterfeit

Protect products supply chains and brand integrity from counterfeiting diversion and illicit trade.

Product authentication technologies
Supply chain security and monitoring frameworks
Intelligence collection and analysis on illicit trade networks
Investigative collaboration with regulatory and law enforcement agencies

Corporate Investigations

Oversee global investigative capabilities addressing serious misconduct fraud and security incidents.

Investigation governance frameworks and case management systems
Digital forensics and evidence handling standards
Investigative analytics and intelligence reporting
Development of a global Centre of Investigative Excellence

Cyber Risk Identification

Identify and assess cyber risks to systems data and supply chains.

Enterprise asset and data classification frameworks
Threat modelling and attack surface management
Third-party and supply chain security risk assessment
Regulatory and policy compliance management

Protection and Resilience

Implement controls to protect systems networks and information assets.

Identity and access management and privileged access controls
Encryption data protection and information governance
Security architecture across cloud network endpoint and OT environments

Detection Response and Recovery

Ensure rapid detection containment and recovery from cyber incidents.

Security Operations Centre (SOC) operations and SIEM platforms
Threat intelligence and threat hunting capabilities
Incident response frameworks and digital forensics
Disaster recovery and cyber resilience planning

Leadership and Governance

Provide visible leadership for the global security function and serve as the principal advisor on security risk to senior leadership and the Board.

Set strategic direction and oversee operational performance across all security domains
Build and develop high-performing multidisciplinary security teams
Manage security investments budgets and resource allocation
Support the Global Corporate Leadership Team (GCLT)
Lead engagement with the Global Leadership Team (GLT) Executive Leadership Team (ELT) and Board Committees
Act as the senior figurehead for security across the Group
Enterprise security program management
Security performance metrics and reporting
Board-level cyber risk communication and governance

Required Experience:

Chief