
CRB

IT Regional Security Officer

full-time • Hybrid

Company Description

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and our environment safer, healthier and more sustainable. From the food you eat, to the water you drink, to the medicines you rely on, Eurofins laboratories work with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic and labelling is accurate.

The Eurofins network of companies believes that it is a global leader in food, environment, pharmaceutical and cosmetic product testing and in discovery pharmacology, forensics, advanced material sciences and agroscience contract research services. It is also one of the market leaders in certain testing and laboratory services for genomics, and in the support of clinical studies, as well as in biopharma contract development and manufacturing. It also has a rapidly developing presence in highly specialised and molecular clinical diagnostic testing and in-vitro diagnostic products.

The group's key figures are approximately: Turnover of 6.5 billion euros, more than 940 laboratories in 62 countries and around 62,000 employees.

Job Description

Role Overview

The Regional Information Security Officer (RISO) is responsible for establishing, leading, and continuously improving a comprehensive regional cybersecurity and risk management program for the Clinical Diagnostics, U.S. National Business Line (NBL).

The RISO provides strategic leadership to manage information security risk, ensure alignment with business objectives, enable effective governance, and drive appropriate adoption of Eurofins Group security services, policies, and standards across the region.

This role partners closely with business and IT leadership to proactively identify, assess, and remediate security risks while supporting operational scalability and regulatory compliance.

Key Responsibilities

  • Lead and manage the regional information security function, ensuring consistent, high-quality security practices aligned with Eurofins Group standards and relevant localized requirements
  • Provide security oversight for regional infrastructure and solution delivery teams, embedding security into day-to-day operations
  • Collaborate closely with the Group Information Security organization to implement global standards and execute regional action plans
  • Provide executive-level visibility into regional security posture, risks, and remediation efforts

Risk Management & Compliance

  • Conduct information security risk assessments in accordance with ISO 31000 and NIST 800-30, including oversight of risk treatment plans
  • Ensure all information within scope is handled in compliance with applicable statutory, regulatory, legal, and contractual requirements (e.g., HIPAA, GDPR, CCPA)
  • Drive consistent execution of vulnerability management and remediation activities
  • Support internal and external audits, including customer security assessments

Security Assurance & Technical Oversight

  • Ensure security is integrated into project delivery processes through policies, standards, and active oversight
  • Advise IT and business stakeholders on security requirements related to system selection, implementation, configuration, and operation
  • Plan and oversee third-party security assessments, including penetration testing and SOC 2 Type II audits
  • Partner with Regional Security Support (RSS) teams to review and approve security-related changes and requests

Awareness, Resilience & Collaboration

  • Ensure ongoing security awareness and training through the centralized LMS platform
  • Drive collaboration with business and IT teams on business continuity and disaster recovery initiatives
  • Support periodic access reviews and physical security considerations within scope
  • Partner with Legal, Audit, Risk, Compliance, and Operations teams as required

Qualifications

Required Profile

  • 7–10 years of progressive experience in information security, including at least 5 years in a leadership role
  • Bachelor’s degree in computer science, information security, or a related field
  • CISSP and/or CISM certification preferred.
  • Demonstrated experience in healthcare, laboratory, or other highly regulated environments (healthcare or laboratory strongly preferred).
  • Strong knowledge of security governance and risk frameworks such as HITRUST CSF, ISO 27001, NIST 800-series, and NIST CSF.
  • Working knowledge of IT governance frameworks (e.g., ITIL, COBIT 2019).
  • Experience establishing and reporting on cybersecurity and risk metrics.

Leadership & Communication Skills

  • Strong emotional intelligence with the ability to influence and lead across diverse stakeholder groups.
  • Proven ability to communicate security and risk concepts to both technical and non-technical audiences.
  • Experience leading personnel in cross-functional initiatives.
  • Comfortable operating in complex, fast-paced environments with ambiguity and competing priorities.
  • Demonstrated ability to work effectively across geographies and cultures.

Additional Information

Working hours:

Monday to Friday - 08:00 to 17:00 Hybrid Work