Cosette Pharmaceuticals, Inc. is a US-based, fully integrated pharmaceutical company with capabilities in product development, manufacturing, and commercial operations. Cosette has a fast-growing portfolio of branded pharmaceuticals consisting of products in the cardiology, women's health, and migraine markets. Cosette has a long history in quality manufacturing of complex dosage forms including topical creams, ointments, oral liquids/solutions and suppositories, which has led to consistent supply to customers and commercialization success. Cosette has corporate and manufacturing facilities in New Jersey and North Carolina and is supported by more than 300 dedicated employees across all functional areas. Innovating every day.™ Position Summary Reporting directly to the VP of IT, the Senior Manager, Information Security will play a crucial role in shaping and maintaining the organization's security posture by designing and implementing comprehensive security architectures. This role requires a deep understanding of security frameworks, risk management, and advanced technologies to protect the company's information assets against emerging threats. The ideal candidate will be responsible for designing, implementing, and managing robust security architectures to protect organization's information systems and working closely with various teams to ensure that security measures align with our strategic objectives and comply with industry standards and regulations Essential Duties and Responsibilities Security Design & Architecture: Develop and implement comprehensive security architecture strategies and solutions that align with industry best practices and regulations (e.g., NIST, ISO, GDPR).Design and review security systems, including network, cloud, and application security.Provide security guidance and training to staff and management.Conduct security audits to ensure ongoing effectiveness of security measures. Manage external vendors to ensure the delivery of services in accordance with expected and agreed upon service levels and costs Risk Assessment & Management: Conduct risk assessments and vulnerability analyses to identify and mitigate potential threats.Develop risk management strategies and recommend security controls to minimize exposure. Policy & Compliance: Develop and enforce security policies and procedures to ensure compliance with legal, regulatory, and industry requirements.Stay updated on security trends, emerging threats, and regulatory changes. Incident Response & Management: Develop and maintain incident response plans and procedures.Lead investigations into security incidents / breaches and implement corrective actions.Position Requirements Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field. Master's degree preferred.Relevant professional certifications (e.g., CISSP, CISM, CISA, CEH) preferred.8+ years experience in cybersecurity, with a focus on security architecture and design.Knowledge of secure coding practices and application security.Proven experience in facilitating the definition of business requirements and designing and implementing solutions, including processes and managing change.Pharmaceutical and/or healthcare applications experience.In-depth knowledge of security principles, risk management, and security technologies.Strong communication skills, both written and verbal, with the ability to convey complex security concepts to non-technicalCore CompetenciesDeep understanding of network protocols, firewall configurations, VPNs, and intrusion detection/prevention systems.Knowledge of secure software development practices, application vulnerability assessment, and secure coding techniques. Familiarity with various operating systems (e.g., Windows, Linux) and their security features.Expertise in implementing and managing security controls such as access controls, encryption, and identity management.Understanding of relevant laws and regulations (e.g., GDPR, HIPAA, PCI-DSS) and the ability to ensure compliance through security architecture.Ability to analyze and interpret security threats and vulnerabilities and develop effective strategies to address them.Strong problem-solving skills with the ability to make decisions and provide solutions under pressure.A "can-do" team player that has a strong desire to continuously improve performance and service. Working knowledge of GMP processes.