Cybersecurity Audit & Compliance Analyst leading management of comprehensive cybersecurity policies and validation of security controls. The role focuses on compliance and audit objectives within federal regulations.
About the role
- Director of IT Operations & Security at Encoded Therapeutics leading IT security and operational enhancements. Collaborating across departments to support early-stage gene therapy candidates.
Responsibilities
- Building upon Encoded’s foundations, enhance and mature our systems, people and processes to support
- Provide broad cybersecurity, IT operations and service delivery leadership and expertise.
- Develop and maintain cybersecurity and operations roadmaps aligned with business objectives and milestones.
- Provide leadership and technical oversight to help IT service desk, operations, infrastructure and security team members deliver on service levels, projects and commitments.
- Drive efficiency and scalability initiatives
- Partner with internal and vendor resources to perform IT security assessments, vulnerability scanning,
- network penetration testing, and incident response plan testing to ensure the organization has addressed
- vulnerabilities, implemented effective security controls, and prepared responses to threats.
- Keep current on emerging threats and technology.
- Oversee Encoded’s cybersecurity training program.
- Develop, refine and test policies and procedures, including Incident Response and Disaster Recovery
- Direct the technical elements of Encoded’s data privacy and data security programs
- Perform data security and privacy vendor assessments
- Oversee system access review activities, collect audit evidence, maintain documentation and monitor
- security controls to support audits.
- Report regularly to senior management on security activities, incidents, and remediation.
- Influence and mobilize users across the organization to take action to protect Encoded’s data and
- embrace a security-first mindset
- Refine existing operations and identify areas where Encoded can streamline and improve operational
- efficiency.
- Direct the infrastructure change management program.
- Serve as a technical escalation point for complex/sensitive issues.
- Communicate changes to processes, policies and systems across the organization
- Provide oversight of telecom and A/V services.
Requirements
- · BS in an IT-related field or commensurate work experience
- · 7+ years of experience in IT Security and IT Operations with a minimum of 12 years in IT overall
- · 5+ years of experience in supervising/mentoring IT staff
- · **5+ years of experience working in a late-stage clinical or commercial life sciences company **
- · Working knowledge of industry standards, such as NIST, CIS, ISO 27001/2, ITIL
- · Industry-recognized IT security certifications a plus, such as CISSP, CIPP, CISA, CCSK
Benefits
- ● Comprehensive benefits package, including competitive employer premium contributions
- ● Meaningful stock option grants
- ● PTO, sick time and holiday pay
- ● Generous Parental Leave program
- ● Pre-tax medical and dependent care programs
- ● STD, LTD, Life and AD&D
- ● Professional development opportunities
- ● Team-building events
- ● Fully stocked kitchen
- ● Purple Tie dry cleaning service
- ● Fitness center
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Partner for Finance, Legal, and Global Solutions at Novo Nordisk. Leading security initiatives to protect vital business processes with SAP technology.
Client Technical Solutioner role at Kyndryl, working closely with customers to provide cutting - edge technical solutions. Collaborating on tailored solutions and leading profitable deals while ensuring customer satisfaction.
Lead information security for CxM Practice Area at Dentsu, embedding security in products and services. Collaborate with various teams to secure client solutions and maintain security integrity.
AWS Security Architect focusing on cloud security, collaborating with Information Security and Cloud Engineering teams at Ameriprise India LLP.
Lead the design and development of secure systems for clients in cybersecurity. Create innovative security solutions while overseeing integration of secure practices for critical infrastructure.
Senior Network & Security Engineer responsible for incident resolution and handling in Datacenter. Engage in installation, configuration, and maintenance of network and security infrastructure.
Product Security Engineer ensuring the cybersecurity posture of connected vehicle platforms by leading wireless penetration testing. Assessing vehicle systems to identify and mitigate security weaknesses.
Product Security Engineer at Rockwell Automation ensuring secure development practices and collaborating on security assessments. Involves securing products and features across the full software lifecycle.
Security Intelligence Expert focusing on corporate security intelligence for Corteva Agriscience. Identifying risks and managing investigations while building intelligence resources globally.