Manager, Information Security

About The Position

Requirements

• 6+ years of practical experience in cybersecurity operations and management, both technical and program level.
• BS in cybersecurity, information systems, mathematics, or similar degree.
• Strong knowledge of information systems security concepts and current information security/privacy trends and practices.
• Must be able to prepare formal reports and presentations as needed.
• Strong business and technical skills in the planning, administration, and management of information systems, operational and technical security controls; and security risk analysis and management.
• Manage conflict and difficult issues in a professional, assertive and proactive manner.
• Ability to build strong partnerships at all levels, internal and/or external to the organization.
• Deep experience with Microsoft Entra, Office 365 services, and MS security functions such as multi-factor, Conditional Access, Defender, Sentinel, Sensitivity Labels, etc.
• Strong working knowledge of Palo Alto firewalls, Cisco switches and access points, and VMware and open-source hypervisors.
• Knowledge of FDA CFR 21 part 11, HIPAA, SOX, GDPR, CCPA, and other relevant regulations and compliance frameworks applicable to life science organizations.
• Professional certifications (CISA, CISSP, CSSP) are highly desirable.
• Excellent verbal and written communication skills.
• Ability to work independently and collaboratively, as required, in a fast-paced start-up environment consisting of internal and external team members.
• Analytical thinker with excellent problem-solving skills.
• Excellent planning, organization and time management skills including the ability to support and prioritize multiple projects.

Responsibilities

• Co-develop cybersecurity strategies and policies.
• Manage internal and external, including supply chain, cybersecurity risks.
• Lead security assessments, penetration testing, incident management.
• Design, build, and run cybersecurity programs.
• Integrate and implement security into applications and systems.
• Design and implement identity and access management capabilities.
• Deliver cybersecurity culture change, awareness, and training.
• Perform continuous monitoring activities such as using SIEM tools, APT hunting, implementing UBA, etc.
• Design implement vulnerability management, including conducting vulnerability assessments.

Benefits

• Medical, dental and vision insurance
• Life, long and short-term disability insurance
• Paid Parental Leave
• 401K program with company match
• Unlimited vacation time
• Employee Stock Purchase Program (ESPP)
• Compensation is market competitive for the industry and directly commensurate with experience
• All positions are bonus and stock eligible