Senior Director, Information Security

About The Position

Requirements

• Post Graduate degree with 12+ years of experience or a Bachelor's degree with 15+ years of relevant experience.
• Strong communication skills with the ability to manage up, down and to the sides.
• Extensive knowledge of regulatory requirements and compliance standards relevant to the biotech and healthcare industries, such as HIPAA, GDPR, FDA regulations, etc.
• Proven track record of designing and implementing effective cybersecurity programs, including risk management, threat detection, and incident response.
• Excellent leadership, communication, and interpersonal skills, with the ability to influence and collaborate across all levels of the organization.
• Commitment to diversity, equity, and inclusion, with a demonstrated ability to foster a culture of belonging and respect in the workplace.
• Strong background in biotech, pharmaceuticals, or healthcare.

Nice To Haves

• Relevant industry certifications (e.g., CISSP, CISM, CRISC) highly desirable.
• Specific experience in global clinical trials preferred.

Responsibilities

• Develop and execute a comprehensive information security strategy aligned with business objectives, regulatory requirements, and industry best practices.
• Oversee the implementation and maintenance of robust cybersecurity measures, including but not limited to network security, endpoint protection, data encryption, access controls, and incident response protocols.
• Lead the development and enforcement of information security policies, procedures, and standards to mitigate risks and protect against cyber threats.
• Collaborate with cross-functional teams to integrate security into the design, development, and deployment of new products and technologies.
• Provide strategic guidance and direction on compliance initiatives, ensuring adherence to relevant regulations such as HIPAA, GDPR, FDA guidelines, and other global data protection laws.
• Conduct regular risk assessments and security audits to identify vulnerabilities, assess the effectiveness of controls, and recommend remediation actions as needed.
• Foster a culture of security awareness and compliance throughout the organization through training, communication, and employee engagement initiatives.
• Ensure that security policies and standards are understood and applied in contracts, engineering projects, and infrastructure.
• Serve as the primary point of contact for security incidents, breaches, and regulatory inquiries, leading investigations and coordinating response efforts as necessary.
• Collaborate closely with Cyber SOC for incidence response.
• Stay abreast of emerging threats, trends, and technologies in the cybersecurity landscape, continuously evaluating and enhancing the company's security posture.
• Represent the company in discussions with regulators, industry partners, and stakeholders on matters related to information security and compliance.

Benefits

• 401k plan with company matching
• Medical (premiums covered by Eikon at 95%), dental and vision insurance (premiums covered by Eikon at 100%)
• Mental health and wellness benefits
• Weeklong summer and winter holiday shutdowns
• Generous paid time off and holiday policies
• Life/AD&D Insurance (premiums covered by Eikon at 100%) and optional supplemental employee-paid life/AD&D policies
• Enhanced parental leave benefit
• Daily subsidized lunch program when on-site