Information Security Lead
About The Position
We are seeking an Information Security Lead who will serve as the founding security hire and the anchor of Cellares' InfoSec program. This is a hands-on leadership role that blends strategic program development with direct technical execution. The primary focus of this position will be to build and mature the company's security posture, lead a growing team across geographies, and ensure compliance with relevant regulatory frameworks including 21 CFR Part 11, SOC 2, and ISO 27001. This is a multidisciplinary role & this individual will further interface across many parts of the company to drive policy and governance. Candidates should enjoy working in a fast-paced, mission-driven environment, and be prepared to tackle a broad selection of challenges as the company grows.
Requirements
- Bachelors in Computer Science, or related field
- 8+ years of progressive information security experience with at least 2 years in a lead or senior individual contributor role
- Strong hands-on experience with SIEM tools (e.g., Splunk, Sentinel), EDR platforms, and vulnerability management tools (e.g., Tenable, Qualys)
- Deep knowledge of cloud security architecture (AWS, Azure, or GCP) and cloud-native security tools
- Experience driving SOC 2, ISO 27001, or NIST CSF compliance programs
- Proficiency in scripting and automation (Python, Bash, or PowerShell) for security tooling and response
- Excellent communication and stakeholder management skills â capable of translating technical risk into business language
- Self-awareness, integrity, authenticity, and a growth/entrepreneurial mindset
Responsibilities
- Design, build, and continuously improve Cellares' Information Security program from the ground up, including policies, standards, and procedures
- Develop and maintain a multi-year rolling strategic roadmap aligned to business objectives
- Lead day-to-day security operations, working closely with the India-based Security Analysts on monitoring, incident response, and vulnerability management.
- Architect and maintain a cloud security framework across AWS, Azure, or GCP environments used by Cellares
- Own the security aspects of the software development lifecycle (SDLC), including threat modeling, secure code review, and developer security training
- Drive compliance efforts for SOC 2 Type II, ISO 27001, and life sciences-specific frameworks (e.g., 21 CFR Part 11, GxP)
- Conduct and manage third-party risk assessments, vendor security reviews, and penetration testing engagements
- Collaborate with IT, Engineering, Legal, and Operations to integrate security into all business processes
- Manage and mentor the India-based Security Analysts, providing technical guidance, career development, and task prioritization
- Lead incident response activities, conduct post-mortems, and implement lessons-learned improvements
- Report on security metrics, risks, and program maturity to executive stakeholders
Benefits
- competitive base salaries
- highly subsidized Medical, Dental, and Vision Plans
- 401(k) Matching
- Free EV Charging
- Onsite lunches
- Stock options
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
101-250 employees
