The Associate Director: Attack Surface Reduction role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) infrastructure and processes through developing and implementing new cybersecurity safeguards, amending and improving existing safeguards, as well as contributing to implementation of necessary security measures and controls within projects across the enterprise.
This role plays a part in our global Cyber Fusion Center team and will provide an excellent opportunity to liaise with key external and internal stakeholders while strengthening our Information Security function.
You will work closely with and will be part of the Global Technology & Operations organization structure partnering with the Business Units community and their related teams. You will also find yourself working together with other IQVIA Information Security managers and staff, and with Business Unit teams. This is an opportunity to join and progress with a forward-thinking department.
The Associate Director of Attack Surface Reduction will lead and manage initiatives to identify, analyze, and mitigate vulnerabilities within our organization’s IT infrastructure. This role requires a deep understanding of cybersecurity principles, excellent leadership skills, and the ability to work cross-functionally to ensure the security and resilience of our digital assets. The ideal candidate will possess a proactive approach to security, staying ahead of emerging threats and continuously improving our security posture.
Principal responsibilities will include:
· Leadership and Strategy:
○ Develop and implement strategies to reduce the organization’s attack surface.
○ Lead a team of security professionals focused on vulnerability management and cyber threat intelligence.
○ Collaborate with senior leadership to align security initiatives with business objectives.
· Vulnerability Management:
○ Oversee regular security assessments, vulnerability scans, and penetration tests.
○ Prioritize and remediate identified vulnerabilities in collaboration with IT and development teams.
· Cyber Threat Intelligence:
○ Monitor and analyze threat intelligence to identify potential risks to the organization.
○ Provide guidance on emerging threats and recommend mitigation strategies.
· Administrative:
○ Develop and maintain security policies, procedures, and standards.
○ Communicate effectively with stakeholders regarding security initiatives.
○ Prepare and present regular reports on security posture and activities to executive leadership.
Required Experience and Qualifications
· Minimum of 7 years of professional experience in Information Security, IT Delivery, IT Program Management or other related areas.
· Experience with vulnerability management and cyber threat intelligence tools such as Qualys, Nessus, MISP, Anomali, etc.
· Bachelor’s degree in Computer Science, Information Security, or a related field. Master’s degree preferred.
· A CISSP, CISM, CEH or equivalent professional certificate is mandatory.
· Proven experience in a leadership or management role within cybersecurity.
· Strong understanding of security frameworks and standards (e.g., NIST, ISO 27001).
· Excellent analytical, problem-solving, and decision-making skills.
· Strong communication and interpersonal skills, with the ability to explain complex security issues to non-technical stakeholders.
· Ability to manage multiple projects and priorities in a fast-paced environment.
IQVIA is a leading global provider of advanced analytics, technology solutions and clinical research services to the life sciences industry. We believe in pushing the boundaries of human science and data science to make the biggest impact possible – to help our customers create a healthier world. Learn more at