Head of Global Cybersecurity
Company: Legend Biotech
Location: Somerset
Posted on: November 27, 2025
|
|
|
Job Description:
Legend Biotech is a global biotechnology company dedicated to
treating, and one day curing, life-threatening diseases.
Headquartered in Somerset, New Jersey, we are developing advanced
cell therapies across a diverse array of technology platforms,
including autologous and allogenic chimeric antigen receptor
T-cell, T-cell receptor (TCR-T), and natural killer (NK) cell-based
immunotherapy. From our three R&D sites around the world, we
apply these innovative technologies to pursue the discovery of
safe, efficacious and cutting-edge therapeutics for patients
worldwide. Legend Biotech entered into a global collaboration
agreement with Janssen, one of the pharmaceutical companies of
Johnson & Johnson, to jointly develop and commercialize
ciltacabtagene autolecuel (cilta-cel). Our strategic partnership is
designed to combine the strengths and expertise of both companies
to advance the promise of an immunotherapy in the treatment of
multiple myeloma. Legend Biotech is seeking Head of Global
Cybersecurity as part of the IT team based in Somerset, NJ. Role
Overview The Head of Global Cybersecurity is a senior leadership
role that will oversee and shape the organization’s entire
cybersecurity strategy, encompassing people, processes, and
technologies. This role requires not only high-level strategic
direction but also hands-on responsibility for developing and
implementing cybersecurity capabilities across the organization’s
global operations. This role will be reported to the Head of
Information Technology and will be a member of the Global IT
Leadership Team. Key Responsibilities Cybersecurity Strategy and
Policy Development: Lead the creation of a comprehensive
cybersecurity strategy aligned with global business objectives.
Develop policies to protect information assets and ensure
regulatory compliance. Balance security needs with operational
efficiency through a risk-based approach. Risk Management and
Threat Analysis: Identify, assess, and mitigate cybersecurity risks
across all regions and systems. Develop and apply risk management
frameworks, performing regular threat assessments to address
vulnerabilities proactively. Incident Response and Recovery:
Establish and maintain robust incident response protocols,
including detection, response, and recovery procedures. Lead the
organization through high-stakes incidents, minimizing operational
impact and safeguarding data integrity. Solution Development Based
on Risk: Develop and implement cybersecurity solutions that are
tailored to the specific risk profiles. Utilize a risk-based
approach to prioritize and address the most critical
vulnerabilities, ensuring that resources are allocated efficiently.
Continuously monitor and adapt solutions to evolving threats,
maintaining a proactive stance in safeguarding the organization's
assets. Collaboration and Reporting: Collaborate with the Global IT
Leadership Team to align IT and cybersecurity initiatives,
fostering a unified approach to protecting organizational assets.
Report on cybersecurity performance, risk status, and incidents to
executive stakeholders and the audit committee. Leadership and Team
Management: Oversee the global cybersecurity team, including
recruitment, training, and development. Promote a culture of
security awareness and ensure alignment with cybersecurity goals.
Technology and Vendor Management: Select, implement, and oversee
cybersecurity technologies and solutions. Manage third-party vendor
relationships to ensure compliance with organizational
cybersecurity standards. The incumbent has the authority to make
decisions related to technical direction, methodologies, approaches
and processes. The person can also make decisions related to
project execution, including timelines, milestones and resource
allocation within budget. Higher-level approvals are required for
those related to significant budget allocations, strategic shifts,
or actions may involve significant risks to the company or have
substantial financial or long-term implications. Requirements
Degree in a technology-related field or business administration.
Professional security management certification (e.g., CISSP, CISM)
preferred. Leadership in Multinational Corporations: Demonstrated
expertise in managing cybersecurity operations across diverse
regions, including China, the US, and the EU. Skilled in navigating
complex regulatory frameworks and cultural nuances to ensure
compliance and robust security standards. Technical and Strategic
Expertise: Deep knowledge of cybersecurity technologies and
protocols, with the ability to turn technical issues into
actionable business strategies and solutions. Project and Budget
Management: Proficient in allocating resources, managing budgets,
and delivering cybersecurity projects within financial and timeline
constraints. Relevant Certifications: Strongly preferred
certifications such as CISSP, CISM, or CISA, paired with knowledge
of risk frameworks like NIST and ISO 27001. Industry Experience:
Over 15 years in information security, focusing on risk management,
threat mitigation, and incident response. Knowledgeable about
biotech/pharma regulations (HIPAA, FDA), including GMP and non-GMP
environments. Vendor and Contract Management: Skilled in managing
third-party cybersecurity standards and overseeing managed
services. Communication and Integrity: Strong written and verbal
communication skills, with a commitment to high ethical standards.
Cross-Cultural Team Collaboration: Experienced in managing teams
across time zones and navigating cultural nuances in cybersecurity
practices. Global Incident Response: Proficient in coordinating
incident response globally, adapting to regional legal
requirements, including those in China, the EU, and the US.
Cybersecurity Program Development: Experienced in building
cybersecurity programs that prioritize risk management and advanced
threat detection. Framework and Compliance Proficiency: Familiar
with frameworks like ISO 27001, GDPR, SOX, and HIPAA for seamless
regulatory alignment. Cloud Security and Data Residency: Expertise
in cloud security and compliance with data residency laws.
Cybersecurity Automation and AI: Knowledgeable about automation and
AI in cybersecurity, mindful of regional regulatory impacts.
Mandarin would be a plus. Li-LB1 Li-Hybrid The anticipated base pay
range is $285,906 - $375,253 USD Benefits We are committed to
creating a workplace where employees can thrive - both
professionally and personally. To attract and retain top talent in
a highly competitive industry, we offer a best-in-class benefits
package that supports well-being, financial stability, and
long-term career growth. Our offerings are designed to meet the
diverse needs of our team members and their families, ensuring they
feel valued and supported every step of the way. Highlights include
medical, dental, and vision insurance as well as a
401(k)-retirement plan with company match that vest fully on day
one. Equity and stock options are available to employees in
eligible roles, we offer eight weeks of paid parental leave after
just three months of employment, and a paid time off policy that
includes 15 vacation days, 5 personal days, 5 sick days, 11 U.S.
national holidays, and 3 floating holidays. Additional benefits
include flexible spending and health savings accounts, life and
AD&D insurance, short- and long-term disability coverage, legal
assistance, and supplemental plans such as pet, critical illness,
accident, and hospital indemnity insurance. We also provide
commuter benefits, family planning and care resources, well-being
initiatives, and peer-to-peer recognition programs - demonstrating
our ongoing commitment to building a culture where our people feel
empowered, supported, and inspired to do their best work. EEO
Statement Legend Biotech is a proud equal opportunity/affirmative
action employer committed to attracting, retaining, and maximizing
the performance of a diverse and inclusive workforce. It is
Legend’s policy to ensure equal employment opportunity without
discrimination or harassment based on race, color, religion, sex
(including pregnancy, childbirth, or related medical conditions),
sexual orientation, gender identity or expression, age, disability,
national origin, marital or domestic/civil partnership status,
genetic information, citizenship status, uniformed service member
or veteran status, or any other characteristic protected by
applicable law. Employment is at-will and may be terminated at any
time with or without cause or notice by the employee or the
company. Legend may adjust base salary or other discretionary
compensation at any time based on individual, team, performance, or
market conditions. Legend Biotech maintains a drug-free
workplace.
Keywords: Legend Biotech, New Brunswick , Head of Global Cybersecurity, IT / Software / Systems , Somerset, New Jersey
