Sr. Manager, Cyber Risk Management
AT A GLANCE
We are seeking an experienced Senior Manager of Cyber Risk Management to join our client’s GRC organization and lead critical components of the enterprise cyber risk program. The ideal candidate will be responsible for assessing, enhancing, and operationalizing the company’s cyber risk management framework, ensuring that technology, data, and business processes meet internal control expectations, security requirements, and global regulatory obligations.
Application Deadline: 16/10/2026
We are the 1st Hub for Developers! Our motto is “From Developers to Developers”! Our vision is to provide real career opportunities for candidates who want to take the next step in their career. Code.Career is the first process in which you will speak with developers (only!) and tech (freak) experts!
Employment Type: Full-Time
Our client is one of the world’s leading biopharmaceutical companies, dedicated to discovering, developing, and delivering innovative medicines and vaccines that improve and extend patients’ lives. With a presence in more than 100 countries and a history spanning over 175 years, our client combines cutting-edge science, technology, and global expertise to address some of the world’s most challenging healthcare needs. The company fosters a culture of innovation, collaboration, and continuous learning, empowering its people to drive breakthroughs that make a meaningful impact on global health.
Our client’s Global Cybersecurity Governance, Risk, and Compliance team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security, privacy, and regulatory compliance are integrated seamlessly with the organization.
The Senior Manager, Cyber Risk Management is accountable for setting Cybersecurity Risk strategy for the enterprise operating environment, and is responsible for developing policies, processes, and procedures for cyber risk tolerance and remediation across both internal teams and external partners. The role also includes leading and mentoring a team of analysts and managers to achieve Cyber Risk Management goals.
The Senior Manager will work with cross-functional teams across the CISO organization, the broader Digital organization, and various business units to achieve shared goals, developing and implementing strategies that drive outcomes in the areas of Cyber Risk Assessments, NIST CSF adherence, risk identification, and regulatory compliance.
The Senior Manager, Cyber Risk Management will provide strategic leadership in identifying, analyzing, and mitigating digital and cyber risks across the enterprise, ensuring risks are properly quantified, prioritized, and addressed through effective controls and governance practices.
This role collaborates closely with business units, technology teams, and senior stakeholders to drive risk transparency, improve risk-based decision making, and embed cybersecurity considerations into enterprise operations. The Senior Manager, Cyber Risk Management will leverage industry frameworks, data-driven insights, and governance mechanisms to safeguard organizational resilience, protect critical assets, and strengthen the overall cyber risk posture.
Key Responsibilities
- Design, implement, and continuously enhance the enterprise cyber and digital risk management framework, associated policies, and risk assessment methodologies.
- Integrate cyber and digital risk management processes into enterprise risk management (ERM), governance structures, and strategic planning activities.
- Lead a high‑performing team that drives a strong risk culture aligned with regulatory expectations, industry standards, and internal controls.
- Partner with R&D, Manufacturing, Commercial, Digital, and Corporate business units to align cyber risk practices and ensure consistent risk identification, evaluation, and mitigation.
- Advise executives and stakeholders on cyber and IT risk posture, emerging risks, compliance obligations, and governance expectations.
- Promote a culture of accountability and cyber risk awareness across business and technical stakeholders, reinforcing ownership and informed decision‑making.
- Provide strategic oversight of the cyber risk lifecycle, including risk identification, assessment, scoring, mitigation tracking, issue management, and continuous monitoring.
- Lead, coach, and mentor a geographically distributed team of cyber risk professionals to ensure operational excellence and consistent execution.
- Identify, implement, and optimize cyber risk management technologies and automation, ensuring accuracy and completeness of risk data across systems of record.
- Define, maintain, and report on key risk metrics and dashboards (KRIs/KPIs) to monitor risk posture, highlight emerging trends, and inform senior leadership and governance committees.
Required Qualifications
- Bachelor’s degree in Information Security, Computer Science, Business, or related field.
- 7+ years of experience in cybersecurity, enterprise risk management, cyber risk analysis or a Master’s degree with 6+ years of experience in cybersecurity, enterprise risk management, cyber risk analysis, or GRC-related roles.
- Proven ability to lead complex cyber risk programs involving multiple stakeholders, competing priorities, and cross-functional collaboration.
- Strong understanding of Information Security principles and application.
- CISSP, CISM or CRISC certification.
- ICS/OT cybersecurity application in an enterprise setting.
- Strong understanding of business contracts, cloud solutions, network and enterprise cybersecurity concepts, cyber assessment techniques, industry cybersecurity trends, risks and remediation techniques.
- Strong understanding of Regulatory Risk Management and application of Cybersecurity Risk management principles including, but not limited to: HIPAA, CCPA, PCI, Cyber Insurance, China PIPL, Vietnam PDPD, NIS2, DOJ.
- This role requires the individual to demonstrate experience as a Product/Service owner in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
- Strong strategic thinking, analytical capability, and problem-solving skills, ability to translate technical risk insights into recommendations.
- Demonstrated ability to prioritize risks and mitigation activities using a risk-based approach.
- Excellent communication and interpersonal skills; ability to influence across levels and functions.
- Proficiency in project management tools (e.g., Smartsheet, MS Project), data analysis platforms, and MS Office Suite.
- Experience with GRC tools like Archer, or similar technologies.
Nice-to-Have Skills
- Excellent strategic thinking.
- Deeply analytical and credible.
- Fact-based decision-making.
- Ability to challenge, influence, and support senior leadership.
- Excellent communication and presentation skills.
- Ability to bring structure to vaguely defined problems and solve them with creative yet pragmatic approaches.
- Resourceful, self-motivated, and proactive – strong drive for excellence.
Salary (Ind.): 65000-70000 € / Per year Gross
Upon further discussion with our client.

