IT Regional Security Officer

Role Overview

The Regional Information Security Officer (RISO) is responsible for establishing leading and continuously improving a comprehensive regional cybersecurity and risk management program for the Clinical Diagnostics U.S. National Business Line (NBL).

The RISO provides strategic leadership to manage information security risk ensure alignment with business objectives enable effective governance and drive appropriate adoption of Eurofins Group security services policies and standards across the region.

This role partners closely with business and IT leadership to proactively identify assess and remediate security risks while supporting operational scalability and regulatory compliance.

Key Responsibilities

Regional Security Leadership & Governance

• Lead and manage the regional information security function ensuring consistent high-quality security practices aligned with Eurofins Group standards and relevant localized requirements
• Provide security oversight for regional infrastructure and solution delivery teams embedding security into day-to-day operations
• Collaborate closely with the Group Information Security organization to implement global standards and execute regional action plans
• Provide executive-level visibility into regional security posture risks and remediation efforts

Risk Management & Compliance

• Conduct information security risk assessments in accordance with ISO 31000 and NIST 800-30 including oversight of risk treatment plans
• Ensure all information within scope is handled in compliance with applicable statutory regulatory legal and contractual requirements (e.g. HIPAA GDPR CCPA)
• Drive consistent execution of vulnerability management and remediation activities
• Support internal and external audits including customer security assessments

Security Assurance & Technical Oversight

• Ensure security is integrated into project delivery processes through policies standards and active oversight
• Advise IT and business stakeholders on security requirements related to system selection implementation configuration and operation
• Plan and oversee third-party security assessments including penetration testing and SOC 2 Type II audits
• Partner with Regional Security Support (RSS) teams to review and approve security related changes and requests

Awareness Resilience & Collaboration

• Ensure ongoing security awareness and training through the centralized LMS platform
• Drive collaboration with business and IT teams on business continuity and disaster recovery initiatives
• Support periodic access reviews and physical security considerations within scope
• Partner with Legal Audit Risk Compliance and Operations teams as required

Qualifications :

Qualifications

Required Profile

• 710 years of progressive experience in information security including at least 5 years in a leadership role
• Bachelors degree in computer science information security or a related field
• CISSP and/or CISM certification preferred.
• Demonstrated experience in healthcare laboratory or other highly regulated environments (healthcare or laboratory strongly preferred).
• Strong knowledge of security governance and risk frameworks such as HITRUST CSF ISO 27001 NIST 800-series and NIST CSF.
• Working knowledge of IT governance frameworks (e.g. ITIL COBIT 2019).
• Experience establishing and reporting on cybersecurity and risk metrics.

Leadership & Communication Skills

• Strong emotional intelligence with the ability to influence and lead across diverse stakeholder groups.
• Proven ability to communicate security and risk concepts to both technical and non-technical audiences.
• Experience leading personnel in cross-functional initiatives.
• Comfortable operating in complex fast-paced environments with ambiguity and competing priorities.
• Demonstrated ability to work effectively across geographies and cultures.

Additional Information :

Working hours:

Monday to Friday - 08:00 to 17:00 Hybrid Work

Remote Work :

No

Employment Type :

Full-time