Chief Information Security Officer

Location: Greater London

Cookie Notice## Chief Information Security Officer
*
* Title:

** Chief Information Security Officer
** Company:
** Ipsen Pharma (SAS)
** About Ipsen:
** Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas:
Oncology, Rare Disease and Neuroscience. Supported by nearly 100 years of development experience, with global hubs in the U.S., France and the U.K, we tackle areas of high unmet medical need through research and innovation. Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries.

We build a workplace that champions human-centric leadership and fosters a culture of collaboration, excellence and impact. At Ipsen, every individual is empowered to be their true selves, grow and thrive alongside the company’s success. Join us on our journey towards sustainable growth, creating real impact on patients and society!

For more information, visit us at and follow our latest news on and .
*
* Job Description:

** The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the company’s physical, digital, and intellectual assets. In a pharmaceutical context, this includes safeguarding sensitive R&D data, clinical trial information, patient privacy, and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity, regulatory compliance, physical security, and internal investigations. This role includes building and managing a multidisciplinary security and investigations team, ensuring alignment with business goals and regulatory requirements.
** WHAT -*
* ** Main Responsibilities & Technical Competencies
**** Strategic Leadership
*** Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends.
* Advise executive leadership and the board on risk posture, threat landscape, and investment priorities.
* Lead cross-functional initiatives to embed security into digital transformation, innovation, and operational excellence.
* Establish KPIs and performance metrics to measure and improve security effectiveness.
** Cybersecurity & IT Security
*** Oversee the design and implementation of cybersecurity architecture and controls.
* Ensure protection of IT infrastructure, cloud environments, and sensitive data.
* Lead incident response, threat intelligence, and vulnerability management programs.
* Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA).
** Governance, Risk & Compliance
*** Develop and enforce enterprise-wide security policies and procedures.
* In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g., FDA, EMA, GxP).
* Conduct risk assessments, internal audits, and third-party security evaluations.
* Report regularly to senior leadership on risk mitigation and compliance status.
** Investigations & Incident Management
*** Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations.
* Build and manage a team of investigators and analysts with expertise in digital forensics, compliance, and legal coordination.
* Collaborate with HR, Legal, and external agencies on sensitive investigations and disciplinary actions.
* Ensure thorough documentation, reporting, and resolution of incidents in line with legal and regulatory standards.
** Fraud Management
*** Develop and implement a fraud prevention and detection framework across the organization.
* Lead investigations into suspected fraud, misconduct, and financial irregularities.
* Collaborate with Finance, Legal, and Compliance to ensure timely resolution and reporting of fraud cases.
* Maintain a whistle blower program and ensure confidentiality and integrity in handling reports.
* Monitor fraud trends and proactively adjust controls and training programs.
** Team Management & Development
*** Build and lead a multidisciplinary security team (cybersecurity, physical security, investigations, risk management).
* Define roles, responsibilities, and career development paths for team members.
* Foster a culture of accountability, agility, and continuous learning.
* Manage vendor relationships and external consultants as needed.
** Physical & Operational Security
*** Oversee facility security, access control, and surveillance systems.
* Coordinate with facilities and operations on emergency preparedness and response.
* Develop and test business continuity and disaster recovery plans.
** Stakeholder Engagement
*** Partner with various functions & business leaders including Legal, Regulatory Affairs, R&D, and Medical Affairs to align security with business needs.
* Lead security awareness and training programs across the organization.
* Represent the company in external forums, industry groups, and regulatory engagements.
** HOW - Knowledge & Experience
*
* Skills:

* Technical depth in…