Chief Information Security OfficerIPSEN

Ipsen est un groupe biopharmaceutique mondial de taille moyenne, spécialisé dans les médicaments transformateurs dans trois aires thérapeutiques : l'oncologie, les maladies rares et les neurosciences. Forts de près de 100 ans d'expérience en développement, avec des Hubs mondiaux aux États-Unis, en France et au Royaume-Uni, nous focalisons nos efforts là où les besoins médicaux non satisfaits sont importants, grâce à la recherche et à l'innovation.

Nos équipes passionnées, présentes dans plus de 40 pays, se concentrent sur l'essentiel et s'efforcent chaque jour d'apporter des médicaments aux patients dans 88 pays. Nous construisons un environnement de travail qui met en avant un leadership centré sur l'humain et favorise une culture de collaboration, d'excellence et d'impact. Au sein d'Ipsen, chaque individu est encouragé à être soi-même, à grandir et à s'épanouir aux côtés du succès de l'entreprise. Rejoignez-nous dans notre démarche vers une croissance durable, en créant un impact réel sur les patients et la société.

Pour plus d'informations, visitez notre site web à l'adresse https://www.ipsen.com et suivez nos dernières actualités sur LinkedIn et Instagram.

The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the company's physical, digital, and intellectual assets. In a pharmaceutical context, this includes safeguarding sensitive R&D data, clinical trial information, patient privacy, and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity, regulatory compliance, physical security, and internal investigations. This role includes building and managing a multidisciplinary security and investigations team, ensuring alignment with business goals and regulatory requirements.

WHAT - Main Responsibilities & Technical Competencies

Strategic Leadership

• Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends.

• Advise executive leadership and the board on risk posture, threat landscape, and investment priorities.

• Lead cross-functional initiatives to embed security into digital transformation, innovation, and operational excellence.

• Establish KPIs and performance metrics to measure and improve security effectiveness.

Cybersecurity & IT Security

• Oversee the design and implementation of cybersecurity architecture and controls.

• Ensure protection of IT infrastructure, cloud environments, and sensitive data.

• Lead incident response, threat intelligence, and vulnerability management programs.

• Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA).

Governance, Risk & Compliance

• Develop and enforce enterprise-wide security policies and procedures.

• In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g., FDA, EMA, GxP).

• Conduct risk assessments, internal audits, and third-party security evaluations.

• Report regularly to senior leadership on risk mitigation and compliance status.

Investigations & Incident Management

• Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations.

• Build and manage a team of investigators and analysts with expertise in digital forensics, compliance, and legal coordination.

• Collaborate with HR, Legal, and external agencies on sensitive investigations and disciplinary actions.

• Ensure thorough documentation, reporting, and resolution of incidents in line with legal and regulatory standards.

Fraud Management

• Develop and implement a fraud prevention and detection framework across the organization.

• Lead investigations into suspected fraud, misconduct, and financial irregularities.

• Collaborate with Finance, Legal, and Compliance to ensure timely resolution and reporting of fraud cases.

• Maintain a whistleblower program and ensure confidentiality and integrity in handling reports.

• Monitor fraud trends and proactively adjust controls and training programs.

Team Management & Development

• Build and lead a multidisciplinary security team (cybersecurity, physical security, investigations, risk management).

• Define roles, responsibilities, and career development paths for team members.

• Foster a culture of accountability, agility, and continuous learning.

• Manage vendor relationships and external consultants as needed.

Physical & Operational Security

• Oversee facility security, access control, and surveillance systems.

• Coordinate with facilities and operations on emergency preparedness and response.

• Develop and test business continuity and disaster recovery plans.

Stakeholder Engagement

• Partner with various functions & business leaders including Legal, Regulatory Affairs, R&D, and Medical Affairs to align security with business needs.

• Lead security awareness and training programs across the organization.

• Represent the company in external forums, industry groups, and regulatory engagements.

HOW - Knowledge & Experience

Skills:

• Technical depth in cybersecurity and investigations

• Leadership and team development

• Fraud detection and prevention expertise

• Regulatory and compliance acumen

• Communication and stakeholder management

• Crisis and incident response

Knowledge & Experience:

• 15+ years of experience in security leadership, preferably in pharma or life sciences.

• Proven track record in strategic planning, investigations, fraud management, and team leadership.

• Certifications such as CISSP, CISM, CISA, CRISC, or CFE (Certified Fraud Examiner) are highly desirable.

• Strong understanding of regulatory environments and risk management frameworks.

Education / Certifications : Bachelor's or Master's degree in Information Security, Computer Science, or related field.

Language(s) : Fluency in English. Knowledge of European language is a plus for global roles.