Our client, an industry-disrupting biotechnology company, had created a role for a Chief Information Security Officer within its leadership team. Having experienced impressive growth over recent years, our client was keen to create a robust control framework around data and technology to combat the increased emergence of cyber risks. As our client prided themselves on a highly entrepreneurial internal culture—which had proven highly successful to date—identifying a leader for a control-oriented function within such an environment presented a unique challenge. Crucially, an appreciation of industry-specific regulations as well as broader data privacy laws was essential to this role, along with the experience of operating in a global organization accustomed to the cross-border sharing of data.

Our search methodology began with a 2-week period spent exclusively on researching and mapping the US-wide biotech and life sciences sector, working to identify firms which had already appointed a CISO. Our research was expanded to include information security executives now working in alternative industries but with a history within healthcare more broadly, as well as specialist Information Security and Data Privacy experts working within consultancies that were connected to biotechnology. Having presented an exhaustive long list of candidates to our client, we then approached those candidates who demonstrated the highest level of industry expertise and leadership potential, conducting over 25 face-to-face interviews. During our interviews we assessed both the technical capabilities of the candidates and, crucially, their alignment with our client’s core cultural values. We subsequently presented a shortlist of six extremely qualified and thoroughly evaluated candidates, all of whom made a positive impression on our client when invited to participate in their three-week interview process.

Our client identified a leading candidate quite early in the process due to their technical experience, ability to influence at board level, and deep connection to the core culture within the business. While the candidate had not been actively looking to leave their current biotech employer—and the new location was an additional commute—our firm successfully secured an acceptance of the role. Within 18 months, the candidate was promoted to the Chief Information Officer role and now oversees the entirety of the Technology organization in addition to the Information Security and Data Privacy functions.