Work Schedule
Standard (Mon-Fri)

Environmental Conditions
Office

Job Description

Thermo Fisher Scientific Inc. is the world leader in serving science, with annual revenue exceeding $40 billion. Our Mission is to enable our customers to make the world healthier, cleaner and safer. Whether our customers are accelerating life sciences research, solving complex analytical challenges, improving patient diagnostics and therapies or increasing efficiency in their laboratories, we are here to support them. Our team of more than 100,000 colleagues delivers an unrivaled combination of innovative technologies, purchasing convenience and pharmaceutical services through our industry-leading brands, including Thermo Scientific, Applied Biosystems, Invitrogen, Fisher Scientific, Unity Lab Services, Patheon and PPD. For more information, please visit www.thermofisher.com.

• Provide expert guidance on implementation of cybersecurity regulations and drive solutions to address risk
• Build and develop a team of audit and compliance cybersecurity professionals to be subject matter experts and support program requirements
• Work across Thermo Fisher Groups and functions to:
• Educate on regulatory issues, provide guidance on risk
• Build processes to meet customer and regulatory cybersecurity obligations
• Offer services to groups/functions based on needs, risk, and financial viability
• Drive transparency with clear and consistent communications on critical risks using dashboards, metrics/Key Performance Indicators (KPI), Service Level Agreement (SLA) consistency
• Liaison with Product Security leadership to partner on Product Security strategy and incorporate into program framework
• Partner w/ business leadership to drive funding for Audit & Compliance goals as part of Annual Operating Plan (AOP)
• Work collaboratively with legal and data privacy teams to
• Assess, communicate, and drive adherence to new and emerging global legislation, regulations, technologies, and guidance on cybersecurity including data protection, security measures, and regulatory frameworks
• Review regulatory and industry trends and recommend risk mitigation strategies and program modifications, where appropriate, striving to minimize the likelihood of data breaches, unauthorized access, and other cyber incidents
• Developing, updating, and implementing a comprehensive training program on sophisticated audit & compliance cybersecurity related matters and divisional/affiliate policies and procedures
• Build and manage relationships with business, product, IT, legal, data privacy, regulatory, and quality leaders to facilitate compliance
• Drive continuous Improvement of the program with utilization of PPI
• Complete other audit & compliance cybersecurity initiatives as prioritized with business and technology leadership

• Bachelor's degree in Business Information Systems, Risk Management, Compliance/Legal, or Equivalent Work Experience
• Juris Doctorate required
• 5+ years' experience with demonstrable experience with cybersecurity legal within complex, matrixed, global organizations (public company experience is preferred)
• Proven experience in audit and compliance within the information technology sector
• Ability to influence without direct authority
• Proven leadership of Risk Management at a large global enterprise
• Must have ability to develop solid and positive professional relationships with all levels of IT and Business leadership
• Customer-centric personality
• Organized, well spoken, and excellent communicator
• Strategic leader with track record of strategy implementation
• Strong leadership of diverse teams
• Governance, Risk, & Compliance (GRC) solution experience (especially ServiceNow)