RedwoodCityRecruiter Since 2001
the smart solution for Redwood City jobs

Director, Information Security

Company: Karius
Location: Redwood City
Posted on: January 15, 2022

Job Description:

About KariusKarius is a venture-backed life science startup that is transforming the way pathogens and other microbes are observed throughout the body. By unlocking the information present in microbial cell-free DNA, we're helping doctors quickly solve their most challenging cases, providing industry partners with access to 1000's of biomarkers to accelerate clinical trials, discovering new microbes, and reducing patient suffering worldwide.Position SummaryAs the Director of Information Security and the Security Officer, you will drive the all efforts to elevate Karius security posture to not only meet the legal and regulatory requirements, but also satisfies the high bar we have for protecting the information of our patients, customers and employees as well as Karius' intellectual properties and other information assets. You will be working with stakeholders across the company to understand the business processes and how security controls play a role in securing information exchanged or processed throughout those processes. You will develop, share and execute a roadmap to deliver improved security posture via defined milestones monitored by our executive team and the Board of Directors. As the cybersecurity subject matter expert, you will partner with stakeholders to review and audit Karius infrastructure and software stack, provide mitigation recommendations and train Karius users on secure behavior. -Being the information security expert in the company, this role is technically and administratively a very hand-on role and requires rolled up sleeves. -Why Should You Join Karius?Karius aims to conquer infectious diseases through innovations around genomic sequencing and machine learning. The company's platform is already delivering unprecedented insights into the microbial landscape, providing clinicians with a comprehensive test capable of identifying more than a thousand pathogens directly from blood, and helping industry accelerate the development of therapeutic solutions. The Karius test we provide today is one of the most advanced solutions available to physicians who aim to deliver better care to many otherwise ineffectively treated patients. Our test is the result of some incredible work done by our scientists, statisticians, engineers, and physicians, all driven by the same mission. You, as part of the Karius team, will be able to see how directly your work has a life-changing impact on people, and at scale.Reports to: VP, Engineering -Location: Redwood City, CA or Remote (within US)Primary Responsibilities ---- - Develops and implements security strategy and roadmap for the organization. Leads and advises the leadership on the security vision that is aligned to organizational priorities and enables the company's business objectives.--- - Lead all internal and external cybersecurity risk assessment activities as well as external audits such as HIPAA risk assessments. ---- - Leads the engagements with regulatory bodies, customers and partners on information security matters. ---- - Develops, implements and monitors a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy and recovery of information assets owned, controlled or/and processed by the company. In collaboration with key stakeholders, aligns information security mitigation activities with business risk priorities. ---- - Develops information protection policies and procedures. Ensures deployment of effective trainings across the company and compliance with those policies and procedures. ---- - Provides regular updates to business stakeholders about the status of our information security program and related projects. ---- - Acts as a key advisor to legal, HR and compliance teams for matters of policy violations and leads the investigation and reporting of security events; assist with legal matters associated with such violations and events as necessary. ---- - Identifies, evaluates and reports on cybersecurity risk related to the company's information assets.--- - Works with IT and Engineering to identify security gaps, develop mitigation plans and ensure successful and timely implementation of the plans. ---- - Remains current on relevant security regulations, laws, and technologies. ---- - Keeps up to date with the current and new cybersecurity threats around the world.What's Fun About the Job?Karius is operating at the edge of what is now known to be possible in infectious disease diagnostics. With that, comes a wave of new and incredible challenges and opportunities. To deliver on that value, you will be tapping into some of the most advanced technologies, architecting and innovating where the current solutions simply don't suffice. You will get to see how much your work really matters.Travel: No travel required. Physical Requirements -Subject to extended periods of sitting and/or standing, vision to monitor and moderate noise levels. Work is generally performed in an office environment. -Position RequirementsFirst and foremost, you are energized and motivated by the opportunity to build an elegant and secure technology infrastructure and software systems. You're knowledgeable and decisive on what is best for the company and yet practical in how you could achieve those goals while considering people's operational requirements. You crave tough challenges in a super technical and collaborative environment that requires creativity and vision to navigate complex and ambiguous problems. -In addition, you will be able to present:--- - BS or MS degree in Computer Science, Software Engineering, Electrical Engineering, Bio Engineering or Information Technology. Information Security related education such as CISSP, CISA, or CISM is highly desired. ---- - 15+ years of overall industry experience, 10+ years in information security & risk management and 5+ years in information security leadership and management. - ---- - Experience in the healthcare and life sciences industry, deep knowledge and hands-on experience with HIPAA and HITRUST are required. ---- - Has led business impact and risk assessments, information security audits of IT infrastructure, software systems and business processes. ---- - Conducted application security reviews, penetration testing and vulnerability management. ---- - Deep knowledge and understanding of information security frameworks and standards such as NIST and ISO 27001. Has successfully led organizations through standard compliance certifications. ---- - Experience with developing and operating security monitoring and incident response programs and relevant tools (SIEM).--- - Experience in securing public cloud environments such as (AWS, GCP or Azure) and modern / cloud-native software stack via threat modeling and application security best practices. ---- - Experience with network security setup and monitoring.--- - Hands-on experience with digital forensics, cybersecurity incident investigation and reporting. ---- - Embraces agile methodologies and continuous improvement mindset. ---- - A strong advocate for proper documentation and effective processes. -Personal Qualifications ---- - Passionate, purpose-driven, and excited about Karius' mission.--- - Mastered your craft yet eager to learn and grow.--- - Demonstrated ability to tackle complex problems.--- - Systematic problem-solving and debugging, coupled with strong communication skills and a sense of ownership and drive.--- - Ability to work independently but also be an excellent team player.--- - Ability to work effectively and efficiently in a fast paced (startup) environment.At Karius, we value a diverse and inclusive workplace and provide equal employment opportunity for all applicants and employees and are committed to honor and invest in the full diversity of people, in our hiring, recruiting and development of employees across the Company. - All qualified applicants for employment are encouraged to apply and will be considered without regard to an individual's race, color, sex, gender identity and gender expression (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the gender with which they identify), religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws. If you are unable to submit your application due to a disability, please contact us at recruiting@kariusdx.com and we will accommodate qualified individuals with disabilities.Redwood City, CA or Remote (USA) /BITs - Information Technology /Full-time

Keywords: Karius, Redwood City , Director, Information Security, Executive , Redwood City, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Redwood City RSS job feeds