Business Information Security Leader (BISL) - Hybrid - Bridgewater, NJ or Morrisville, NC

Business Information Security Leader (BISL) - Hybrid - Bridgewater, NJ or Morrisville, NC

Syneos Health® is a leading fully-integrated life sciences services organization built to accelerate customer success. We partner with innovators at every point across the drug development and commercialization continuum, helping them navigate complexity, anticipate change and accelerate progress.

Every day we perform better because of how we work together, as one team, each the best at what we do. We bring together talented experts across a broad spectrum of business critical corporate functions. Every role plays an essential part in enabling our customers to achieve their goals. Our teams are agile, collaborative, and committed to delivering—for each other, for our customers, and ultimately for the people who rely on the services we support.
Discover what your 25,000 future colleagues already know:

Why Syneos Health
• We are passionate about developing our people, through career development and progression; supportive and engaged line management; technical and therapeutic area training; peer recognition and total rewards program.
• We are committed to building an inclusive culture – where you can authentically be yourself. Central to this is our purpose – Driven to Deliver – which captures the passion of our colleagues to show up each day and shape solutions that have the ability to dramatically impact someone’s life.
• We are continuously building the company we all want to work for and our customers want to work with. Why? Because we know that when we bring together smart colleagues from across the world, we can shape the future of healthcare, driving impact for customers and defining the pace of patient progress.

Job Responsibilities

Syneos Health has three business units, Corporate, Clinical, and Commercial. Each of these units has a unique set of functions and requirements to operate smoothly and efficiently. The Business Information Security Leader (BISL) serves as the senior security executive embedded within an assigned business unit (Clinical, Commercial, or Corporate) accountable for information security across that sector. The BISL works across all departments and teams globally within its assigned business unit. This role has responsibility for strategic solution design aligned to company-wide objectives. The BISL is accountable for ensuring transparency of cyber risk posture, embedding security into business strategy and enabling secure product delivery.

The BISL works as a security business partner to a business unit, leading the development and evolution of security strategy for the sector, and ensuring it is achieving shared business and security goals. The BISL operates as a trusted member of the business-aligned Syneos Technology Solutions (STS) leadership team while maintaining a strong functional alignment to the Chief Information Security Officer (CISO). The candidate must have a broad understanding of technologies and security strategies and effectively communicate to all levels within the organization. This role ensures that security is integrated across the full product lifecycle and that business decisions appropriately balance risk, regulatory requirements, and operational objectives.

In addition to the job responsibilities below, this individual will need to understand and adapt to the ever-changing cybersecurity risk landscape to best advise on risk mitigation and avoidance strategies for their assigned business unit.

• Serve as the senior security advisor to the assigned business-aligned STS leadership team.

• Partner across all departments and teams globally within the assigned business unit.

• Align security priorities with STS business strategy, digital roadmaps, and regulatory requirements.

• Embed security-by-design principles into portfolio planning, demand intake and product development processes.

• Inform Information Security priorities with STS product team strategy & goals.

• Represent security requirements in portfolio governance forums.

• Provide senior level accountability for the business unit security strategy, ensuring consistent direction, prioritization, and alignment with company wide objectives while maintaining strong partnership with the CISO.

Business Unit Cyber Risk Ownership (Identify)

• Maintain visibility into the aggregated cyber risk posture of the assigned business unit.

• Ensure risk assessments are conducted, partnering with the Risk Management function, for new and materially changed technologies.

• Serve as a security risk advisor to business-aligned STS leadership, provide mitigation and remediation guidance, track and highlight risk treatment plans progress.

• Provide formal risk posture reporting to STS leadership on a defined cadence.

• Escalate roadblocks inhibiting timely mitigation or closure of risks.

• Prevent unmanaged technology risk proliferation.

• Exercise senior decision authority for cybersecurity and technology risk matters within the Business Unit, including oversight of risk acceptance, escalation to enterprise forums, and long-term risk posture considerations.

Secure Solution Delivery Governance (Protect / Detect)

• Participate in business demand and portfolio review processes to ensure early security engagement.

• Ensure projects receive appropriate security requirements and technical guidance.

• Drive early involvement of regulatory, privacy, and compliance subject matter experts.

• Monitor and drive adherence to enterprise security standards and architectural patterns.

• Deliver strategic solution design aligned to company-wide objectives.

Regulatory & Compliance Alignment (Protect / Recover)

• Ensure business unit adherence to security policies, standards, and regulatory requirements (e.g., Privacy, SOX, GxP as applicable).

• Partner with Compliance, Privacy, Legal and other Risk functions to address control gaps.

• Partner with CISO subject matter experts to support security-related audits, regulatory inquiries, and remediation activities.

• Represent the business unit in enterprise security, risk, and compliance governance forums, providing senior-level input on regulatory risk and remediation priorities.

Investigations & Resilience (Detect / Respond / Recover)

• Support security investigations and post-incident reviews , providing senior oversight and accountability for remediation outcomes and systemic improvements.

• Drive business engagement in continuity and disaster recovery planning.

• Ensure lessons learned are incorporated into control improvements and architecture patterns.

Security Culture & Business Enablement

• Promote a culture of secure behavior and accountability.

• Cascade and tailor security communications and awareness for maximum business unit impact.

• Translate complex security risks into business-relevant language.

• Provide periodic executive-ready reporting and risk insights.

• Influence decision-making through data-driven risk transparency.

• Provide strategic leadership and direction across senior leaders, managers, and cross-functional stakeholders within the Business Unit, enabling consistent execution in a

complex, matrixed environment.

At  Syneos Health, we believe in providing an environment and culture in which Our People can thrive, develop and advance. We reward and recognize our people by providing valuable benefits and a quality-of-life balance. The benefits for this position may include a company car or car allowance, Health benefits to include Medical, Dental and Vision, Company match 401k, eligibility to participate in Employee Stock Purchase Plan, Eligibility to earn commissions/bonus based on company and individual performance, and flexible paid time off (PTO) and sick time. Because certain states and municipalities have regulated paid sick time requirements, eligibility for paid sick time may vary depending on where you work. Syneos complies with all applicable federal, state, and municipal paid sick time requirements.

Salary Range:

The base salary range represents the anticipated low and high of the Syneos Health range for this position. Actual salary will vary based on various factors such as the candidate’s qualifications, skills, competencies, and proficiency for the role.

Get to know Syneos Health

Over the past 5 years, we have worked with 94% of all Novel FDA Approved Drugs, 95% of EMA Authorized Products and over 200 Studies across 73,000 Sites and 675,000+ Trial patients.

No matter what your role is, you’ll take the initiative and challenge the status quo with us in a highly competitive and ever-changing environment. Learn more about Syneos Health.

Additional Information

Tasks, duties, and responsibilities as listed in this job description are not exhaustive. The Company, at its sole discretion and with no prior notice, may assign other tasks, duties, and job responsibilities. Equivalent experience, skills, and/or education will also be considered so qualifications of incumbents may differ from those listed in the Job Description. The Company, at its sole discretion, will determine what constitutes as equivalent to the qualifications described above. Further, nothing contained herein should be construed to create an employment contract. Occasionally, required skills/experiences for jobs are expressed in brief terms. Any language contained herein is intended to fully comply with all obligations imposed by the legislation of each country in which it operates, including the implementation of the EU Equality Directive, in relation to the recruitment and employment of its employees. The Company is committed to compliance with the Americans with Disabilities Act, including the provision of reasonable accommodations, when appropriate, to assist employees or applicants to perform the essential functions of the job.

Summary

Syneos Health has three business units, Corporate, Clinical, and Commercial. Each of these units has a unique set of functions and requirements to operate smoothly and efficiently. The Business Information Security Leader (BISL) serves as the senior security executive embedded within an assigned business unit (Clinical, Commercial, or Corporate) accountable for information security across that sector. The BISL works across all departments and teams globally within its assigned business unit. This role has responsibility for strategic solution design aligned to company-wide objectives. The BISL is accountable for ensuring transparency of cyber risk posture, embedding security into business strategy and enabling secure product delivery.