The Sr Director, Information Security has oversight responsibility for corporate-wide Information Risk Management, including data protection, compliance with cybersecurity-related laws and regulations, cybersecurity incident management, and software/product information security.
Provide leadership for information security at Adaptive
Develop corporate information risk management vision, strategy, policies, standards, and tactical solutions in alignment with corporate-wide goals and objectives
Ensure compliance with applicable data protection laws, regulations, and industry standards (e.g., HIPAA, ISO 27001)
Regulatory responsibilities of HIPAA security officer as defined by 45 CFR Part 160 and Part 164, Subparts A and C
Manage Information Security awareness and training efforts
Assess vendor and business partner information security practices and compliance.
Oversee the security of products (Secure Systems Development Life Cycle) including Threat Modeling and Application Security Testing (Code reviews, vulnerability testing, and penetration testing)
Represent Adaptive to customers, auditors, and regulators on matters relating to cybersecurity
Oversee incident response and computer forensic investigations
Chair the Cybersecurity Steering Committee made up of key executives and departmental leaders in order to achieve cohesive strategy and cultural change
Periodically present the status of the Information Security program to the Board of Directors
Collaborate on physical and environmental security efforts with the Facilities department
Manage the budget for the Information Security program
Light travel as needed
15 years of previous experience in Information Security preferred
5+ years of management experience (people management / vendor management)
Understanding of business processes, legal requirements, software product development, project management, and IT operations
Working knowledge of business and risk impact assessment methodologies and mitigation strategies using industry standards, e.g., COBIT, ITIL, ISO 27001, NIST, and BITS Shared Assessments.
Working knowledge of data protection and health care industry information security laws, regulations, and guidelines, e.g., GDPR, HIPAA Security and Privacy Rules, State Breach Notification Laws, 21 CFR Part 11, FDA Medical Device Cybersecurity, etc.
Certification as SANS GIAC, CISM, CISA, or CISSP preferred.
Excellent communication and interpersonal skills.
Adaptive Biotechnologies is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Equal Opportunity Employer/Veterans/Disabled
NOTE TO EMPLOYMENT AGENCIES: Adaptive Biotechnologies values our relationships with our Recruitment Partners and will only accept resumes from those partners who have been contracted by a member of our Human Resources team to collaborate with us. Adaptive Biotechnologies is not responsible for any fees related to resumes that are unsolicited or are received by any employee of Adaptive Biotechnologies who is not a member of the Human Resources team.