We are seeking a highly skilled professional to lead our third-party risk management program. The successful candidate will execute the full lifecycle of information security and data privacy third-party risk assessments, lead control assessment activities, and collaborate with internal stakeholders to recommend necessary security and privacy controls.
Job Description
The key objectives of this role include:
- Executing third-party risk assessments and control assessments to identify control effectiveness, maturity, and areas for improvement.
- Collaborating with internal stakeholders to recommend necessary security and privacy controls to mitigate risks to Takeda.
- Evangelizing third-party risk management processes across business lines to influence a strong culture of proactive awareness for third-party security risks.
- Leading and fostering a positive end-user experience with business stakeholders by enhancing our program to accommodate an agile business environment.
Accountabilities
- Leading and maturing the third-party risk management process framework for security and privacy risk, including necessary standards, procedures, and technologies.
- Providing leadership to internal third-party relationship owners or third-party representatives in their efforts to provide responses to the security and privacy risk assessment questionnaire.
- Effectively translating third-party responses to assessment questionnaires into concise risk exposure reporting for delivery to internal stakeholders.
- Partnering with internal stakeholders to recommend necessary security and privacy controls to effectively mitigate risks to Takeda.
Technical/Functional Expertise
- Experience in evaluating third parties for the presence of fundamental information security and data privacy controls.
- Experience conducting risk assessments and applying concepts of inherent and residual risk to draw appropriate conclusions and articulate the same to non-technical audiences.
- Ability to effectively negotiate appropriate remediation of security gaps with third-party representatives to ensure protection of Takeda information.
Leadership
- Identifying, planning, and helping lead future third-party risk management continuous monitoring and enhancements.
- Influencing action across various business lines and geographies to achieve program objectives.
- Ability to effectively manage conflicting priorities in alignment with overall business and departmental strategies.
Educational Requirements
- Bachelor’s degree or equivalent.
- 8+ years of proven experience in information security and/or third-party risk management.
- Experience leading a team of risk analysts.
- Demonstrated understanding of security principles, IT security controls, and related technologies and products.
Desired Qualifications
- CISSP or CISM certification.
- Pharmaceutical industry experience is helpful.
- MBA or advanced degree preferred.
Takeda is an equal opportunity employer and is committed to creating a diverse workforce. We are proud to be a Global Top Employer and offer stimulating careers, encourage innovation, and strive for excellence in everything we do.
Equal Employment Opportunity
Takeda is proud of its commitment to creating a diverse workforce and providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, parental status, national origin, age, disability, citizenship status, genetic information or characteristics, marital status, or any other characteristic protected by law.