Chief Information Security Officer

About Ipsen:

Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology Rare Disease and Neuroscience. Supported by nearly 100 years of development experience with global hubs in the U.S. France and the U.K we tackle areas of high unmet medical need through research and innovation.

Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries. We build a workplace that champions human-centric leadership and fosters a culture of collaboration excellence and impact. At Ipsen every individual is empowered to be their true selves grow and thrive alongside the companys success. Join us on our journey towards sustainable growth creating real impact on patients and society!

For more information visit us at follow our latest news on LinkedIn and Instagram.

The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the companys physical digital and intellectual a pharmaceutical context this includes safeguarding sensitive R&D data clinical trial information patient privacy and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity regulatory compliance physical security and internal investigations. This role includes building and managing a multidisciplinary security and investigations team ensuring alignment with business goals and regulatory requirements.

WHAT - Main Responsibilities & Technical Competencies

Strategic Leadership

• Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends.

• Advise executive leadership and the board on risk posture threat landscape and investment priorities.

• Lead cross-functional initiatives to embed security into digital transformation innovation and operational excellence.

• Establish KPIs and performance metrics to measure and improve security effectiveness.

Cybersecurity & IT Security

• Oversee the design and implementation of cybersecurity architecture and controls.

• Ensure protection of IT infrastructure cloud environments and sensitive data.

• Lead incident response threat intelligence and vulnerability management programs.

• Maintain compliance with global standards (e.g. ISO 27001 NIST GDPR HIPAA).

Governance Risk & Compliance

• Develop and enforce enterprise-wide security policies and procedures.

• In alignment with the business ethics team ensure compliance with pharmaceutical regulations (e.g. FDA EMA GxP).

• Conduct risk assessments internal audits and third-party security evaluations.

• Report regularly to senior leadership on risk mitigation and compliance status.

Investigations & Incident Management

• Establish and lead an internal investigations function to address security breaches misconduct and regulatory violations.

• Build and manage a team of investigators and analysts with expertise in digital forensics compliance and legal coordination.

• Collaborate with HR Legal and external agencies on sensitive investigations and disciplinary actions.

• Ensure thorough documentation reporting and resolution of incidents in line with legal and regulatory standards.

Fraud Management

• Develop and implement a fraud prevention and detection framework across the organization.

• Lead investigations into suspected fraud misconduct and financial irregularities.

• Collaborate with Finance Legal and Compliance to ensure timely resolution and reporting of fraud cases.

• Maintain a whistleblower program and ensure confidentiality and integrity in handling reports.

• Monitor fraud trends and proactively adjust controls and training programs.

Team Management & Development

• Build and lead a multidisciplinary security team (cybersecurity physical security investigations risk management).

• Define roles responsibilities and career development paths for team members.

• Foster a culture of accountability agility and continuous learning.

• Manage vendor relationships and external consultants as needed.

Physical & Operational Security

• Oversee facility security access control and surveillance systems.

• Coordinate with facilities and operations on emergency preparedness and response.

• Develop and test business continuity and disaster recovery plans.

Stakeholder Engagement

• Partner with various functions & business leaders including Legal Regulatory Affairs R&D and Medical Affairs to align security with business needs.

• Lead security awareness and training programs across the organization.

• Represent the company in external forums industry groups and regulatory engagements.

HOW - Knowledge & Experience

Skills:

• Technical depth in cybersecurity and investigations

• Leadership and team development

• Fraud detection and prevention expertise

• Regulatory and compliance acumen

• Communication and stakeholder management

• Crisis and incident response

Knowledge & Experience:

• 15 years of experience in security leadership preferably in pharma or life sciences.

• Proven track record in strategic planning investigations fraud management and team leadership.

• Certifications such as CISSP CISM CISA CRISC or CFE (Certified Fraud Examiner) are highly desirable.

• Strong understanding of regulatory environments and risk management frameworks.

Education / Certifications : Bachelors or Masters degree in Information Security Computer Science or related field.

Language(s) : Fluency in English. Knowledge of European language is a plus for global roles.