Vice President, Information Security
Cambridge, MA USA
Applications have closed
Flagship Pioneering, Inc.
We are Flagship Pioneering We are a biotechnology company that invents platforms and builds companies that change the world. Latest News Companies…At Flagship Pioneering, we conceive, create, resource, and develop first-in-category life sciences companies to transform human health and sustainability. We’ve created over 100 scientific ventures, including the now familiar drug and vaccine innovator, Moderna Therapeutics.
Since Flagship’s inception in 2000, many of our companies have leveraged advances in computing, big data and AI. In recent years, this trend has accelerated with first-in-category life science companies such as Generate Biomedicines, Cellarity, Valo and many others that are creating breakthrough innovations using AI and ML technologies.
The Mission
The Flagship Ecosystem presents a compelling opportunity for impact-focused technology professionals for a number of reasons:
- Flagship’s companies create medicines that save and improve the lives of patients. Moreover, the companies in the Flagship network have the potentially to dramatically change disease treatment, healthcare, and sustainable agriculture on a global scale.
- The Flagship network is composed of new and growing companies with widely varying needs that span all aspects of technology, presenting incredible opportunity for learning and development.
- Flagship creates new companies that operate without the burden of legacy systems or technical debt. Individuals that understand the technical opportunities and challenges in company growth will have the opportunity to influence and shape the trajectory of dozens of companies, with broad impact.
To deliver on this mission, Flagship seeks individuals who have a proven track record of solving enterprise-scale challenges while thriving in a dynamic startup culture.
Position Summary:
The VP, Information Security is a newly created internal role in the Flagship Digital, IT & Informatics function and will report to the SVP, Head of Digital. This is an exciting opportunity for an experienced leader to build an information security and compliance capability, driving the strategy, roadmap, and executive engagement around Flagship’s security & compliance goals.
This role will be both hands-on in its development and implementation work and will also interface with all executive functions across Flagship Pioneering and our early stage (“Enterprise”) companies, developing practical and appropriate security and compliance programs for each stage of a companies’ growth.
Key Responsibilities:
- Develop, implement, and monitor a strategic, comprehensive enterprise Information Security and IT risk management program
- Develop and implement a cybersecurity & compliance roadmap appropriate for Flagship’s business context, including executive awareness and support
- Stand as the primary executive for all external related security and compliance questions
- Manage our Security Operations capability, including third-party security service providers
- Oversee the implementation of technical security controls such as firewalls, intrusion detection systems, phishing simulations, and encryption.
- Implement enterprise-wide policies, including annual risk assessments, mitigation and remediation activities
- Develop and drive information security awareness and training programs across Flagship and the Enterprise
- Lead cybersecurity monitoring and Incident Response (IR) to ensure a secure and trusted enterprise environment
- Provide guidance and oversight of security requirements to our technology partners, conduct security reviews and assessments for potential SaaS vendors and products
- Participate in the development of Disaster Recovery (DR) and Business Continuity (BC) standards and processes
- Serve as an IT Security expert resource for Flagship portfolio companies when necessary
- Evaluate evolving security trends, risks, vulnerabilities, and opportunities
Qualifications:
- 7+ years’ experience in IT Security
- 4+ years’ building and leading a team at an enterprise level, including executive engagement and experience navigating complex organizational structures and stakeholders
- Well-versed in communicating security and risk related concepts to a broad range of technical and non-technical leaders and staff
- Experience designing security programs for cloud-native organizations
- Experience with the needs of HCLS organizations including familiarity with HIPAA, GDPR and handling genomic data
- Proven experience with risk management, audits and vendor negotiation and management
- Knowledge of security, service, and control frameworks, such as ISO/IEC 27001, NIST, ITIL, SOx, HITRUST, and GDPR
- Demonstrated experience securing cloud-based infrastructure to support distributed and remote working
- Understanding of current legislation and regulations relevant to our organization
- Professional IT Security certification (CISSP, CISM, etc) is encouraged
- Bachelor’s degree or related experience
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Big Data CISM CISSP Cloud Compliance Encryption Firewalls GDPR HIPAA HITRUST Incident response Intrusion detection ITIL Monitoring NIST Risk assessment Risk management SaaS SOX Strategy Vulnerabilities
Perks/benefits: Career development Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs