Corporate Chief Information Security Officer (CISO)

Waltham MA US
Jun 19, 2017
Oct 03, 2017
Organization Type
Full Time
Company Overview: PerkinElmer is a leading global provider of products, services and solutions for the diagnostics, food, environmental, industrial, life sciences research and laboratory services markets. For example, PerkinElmer supports the potentially life-saving screening of nearly 40 million newborn babies each year and manages hundreds of thousands of scientific instruments within our lab services business OneSource. Our strategy is to develop and deliver innovative products, services and solutions in high-growth markets that utilize our knowledge and expertise to address customers' critical needs and drive scientific breakthroughs. To execute on our strategy and accelerate revenue growth, we focus on broadening our offerings through both the acquisition of innovative technology and investment in research and development.

Position Overview: PerkinElmer is optimizing their enterprise IT operations while transforming their business model and needs an experienced, forward-thinking security leader to become their next Chief Information Security Officer (CISO). The new CISO will be responsible for designing, implementing, and maintaining an efficient Information Security Program to help drive the security transformation of the company. Security and data privacy are of paramount importance to current and future IoT (Internet of Things) and Big Data opportunities within food, pharmaceutical, diagnostics and other customer laboratories worldwide. The CISO will have responsibility for establishing and ensuring the security of PerkinElmer products and services within these exciting and impactful industries. The CISO will also drive security through the enterprise IT program, including: security policy, security architecture, and security across technology, people, and process. The CISO is responsible for reporting the status of the program to the CIO, the executive committee, the CEO, and the Board.

The CISO is responsible for establishing and maintaining the enterprise-wide, global security program for the purpose of protecting the organization, affiliate, and client information as well as business and technical intellectual property and assets.

Role and Responsibilities:
  • Plan and implement a comprehensive Information Security Program for PerkinElmer
    • Advise PerkinElmer business executives on potential information security risks and recommend actions in line with overall company risk management and acceptance at appropriate levels.
    • Plan, establish and maintain a Cyber Security organization to implement and maintain the InfoSec Program and operations in coordination with the overall IT team.
    • Plan and update the security architecture for current and future technology needs, specifically including cloud services (IaaS, PaaS, and SaaS). Identify the security technologies needed to implement the security architecture efficiently.
    • Develop and maintain comprehensive information security and privacy policies, procedures, and guidelines in compliance with appropriate regulations and practices, including the following: Sarbanes-Oxley (SOX), PCI DSS, FDA CFR Part 11, ISO 9001, NIST Cyber Framework, ISO 27001, and GDPR.
    • Develop, maintain, and test infrastructure cybersecurity incident response plans.
    • Develop and maintain a Risk Metrics program that demonstrates value and efficiency, through risk reduction, of the overall security program.
  • Ensure that PerkinElmer establishes, maintains, and matures the following IT processes:
    • Information Security Incident Prevention, Detection, and Response
    • Prevention, Detection, and Analysis of malicious activity
    • Vulnerability Assessment
    • Identity and Access Management
    • Data Protection
  • Ensure effective business continuity and response programs are in place and maintained (including digital forensics).
  • Partner with the IT Operations team to manage the overall security of Enterprise IT systems.
  • Partner with the Chief Risk Officer to manage on-going Company-wide security risk assessment and status reporting efforts.

Focus Area - Cloud Security:
It is critical that the applicant have an understanding of cloud-based security technologies and have the capacity to drive or advise a wide range of cloud security architectural, policy, and implementation efforts.

Focus Area - Product and Service Security:
The CISO will establish security requirements for PerkinElmer products and services, which includes:
  • A product security capability that focuses on product security requirements and issues, and is aligned to PerkinElmer's product lifecycles.
  • Collaboration with PerkinElmer leadership to create and implement product cybersecurity strategies.
  • Product security policies that encompass the entire product/service lifecycle, from design through production planning, validation, manufacture, distribution and service.
  • Working with PerkinElmer to collect and maintain information from cyber security vulnerability testing and analysis for both PerkinElmer products and supplier products.
  • Working with manufacturing teams to ensure effective cybersecurity throughout the manufacturing environment.
  • Ensuring all products and services are appropriately reviewed from a cybersecurity perspective (scans, red team testing, risk reviews) before and during deployment.
  • Ensuring product/service intelligence activities are in place, along with product incident response plans.
Knowledge, Skills, Abilities, and Other Characteristics
  • Strong knowledge of information security principles and practices
  • Clear ability to communicate persuasively with senior executives up to the board level
  • Medical Device program management and product lifecycle management
  • Business Case development
  • Ability to prepare, justify and manage an information security budget