Director of Cybersecurity

2 months ago

Brockton, Massachusetts, United States Insmed Incorporated Full time



Company Description

Insmed is a global biopharmaceutical company on a mission to transform the lives of patients living with serious and rare diseases. Our most valuable resource is our employees, and everything we do is motivated by a patients-first mentality. We are dedicated to growing our team with talented individuals from around the world who are willing to challenge the status quo, solve problems, and work collaboratively with a sense of urgency and compassion.

Guided by our core values of collaboration, accountability, passion, respect, and integrity, we aim to foster an inclusive, diverse, and flexible work environment, where our employees are recognized for leaning in and rolling up their sleeves. If you share our vision and want to work with the most dedicated people in the biopharma industry, come to Insmed to accelerate your career.



Recognitions

Named Science's Top Employer in 2021, 2022, and 2023

Insmed is dedicated to creating a collaborative environment where our team can thrive. Every day, our employees turn their passion for science and research into innovative solutions for patients. That's why we were named the No. 1 company to work for in the biopharma industry in Science's Top Employers Survey for two years in a row.

A Certified Great Place to Work

We believe our company is truly special, and our employees agree. In July 2023, we became Great Place to Work-certified in the U.S. for the third year in a row. We are also honored to have been listed on the Best Workplaces in BiopharmaTM, Best Workplaces in New YorkTM, and Best Workplaces for MillennialsTM lists.



Overview

Reporting to the Senior Director, IT Cloud & Security Operations, the Director of Cybersecurity will be responsible for information security operations, to include, planning and operation of cybersecurity tools, applications, and business intelligence. The selected candidate will assist in developing, implementing, overseeing, and optimizing the organization's cybersecurity program (tools, technologies, methodologies) to ensure that information security policies, standards and practices are in place to manage risk to the enterprise effectively. This mid-level leadership position will also assist in driving the tactical direction of Insmed's cybersecurity program to define and deliver reliable, secure, and scalable network systems, processes, and other services. Ideal candidates for this position will be hands-on leaders, able to do the work as well as accomplish results through others, in addition to demonstrating strong coaching, mentorship, and career development skills.



Responsibilities

Responsibilities

Lead and mentor the Cybersecurity team creating a culture that fosters engagement, passion, and enthusiasm for Insmed's vision, mission, and values.Builds and matures a culture focused on proactive risk management and cyber security best practices.In coordination with the Senior Director, participate in the development of Insmed's IT strategy as it relates to cybersecurity; implement and operationalize the strategy. Collaborates with Senior Director on a strategy for building management support and ownership of cybersecurity.Responsible for developing, implementing, and executing information security and vulnerability assessments, testing applications, systems, and infrastructure to ensure appropriate protection of sensitive customer and company information; performs risk analysis and recommends remediation for deficiencies. Tracks and reassess remediation(s) to ensure compliance with policies and operational standards.To appropriately manage the program and enterprise risk, leverage cyber security metrics.Research and benchmarks industry-leading security practices and tools, validating the organization is protected with industry-leading security solutions and services. Examine new technologies' impact on the organization's overall information security posture. Establishes processes to review new technologies and ensure security compliance.Responsible for developing, implementing, and executing company-wide/departmental information security training and awareness programs.Manage production technology incidents to resolution, ensuring timely engagement, escalation, and effective communication to business, technology, and vendor partners.Develop, implement, maintain, and oversee Insmed's cybersecurity program ensuring Insmed can identify and detect threats, and protect, respond, and recover from threats and incidents.In collaboration with Senior Director, work with and actively engage security service providers to deliver necessary services and manage contract requirements and service level agreements.Execute security management tasks including the monitoring, installation, and activation of malicious software protection tools, applying security protocols to network connectivity, managing user identities and logical access, and providing security data as needed when investigations arise.Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.Develop, implement, and test the IT elements in the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).Experience with cybersecurity standards and compliance to include NIST Cybersecurity Framework, ISO, CIS, and HITRUST. Responsible for developing, implementing, and executing a comprehensive set of security standards and guidelines, including but not limited to cybersecurity operations, incident response, vulnerability management, network security, data protection, and loss, endpoint security, compliance program, and identity and access management.Ensure program standards comply with applicable State and Federal regulatory requirements.Maintain professional and technical knowledge while remaining informed on trends and issues within the cybersecurity industry, including current and emerging technologies and pricing; in coordination with the Senior Director, advise, counsel and executive management teams on their relative importance and financial impact.QualificationsUndergraduate degree in Computer Science, Management Information Systems, Business, or related field.15+ years' experience in IT/Cybersecurity.10+ years' experience developing, managing, and directing cybersecurity operations with planning and development requirements, to include assessing effectiveness of such programs.10+ years' experience leading a team of highly skilled technical professionals.5+ years' of leading information security risk assessments, vendor risk management programs, developing information security awareness and education programs, and managing information technology or security projects.5+ years' of effectively managing a Cybersecurity team.Certifications – preferred but not required:GIAC Security Essentials CertificationGIAC Security Leadership CertificationISACA Certified Information Security ManagerMicrosoft Certified Systems Engineer: Security(ISC)2 SCCP(ISC)2 CISSP(ISC)2 ISSAPCCISOCISACRISCKnowledge, Skills & AttributesProven analytical, strategic, and conceptual thinking and execution skills.Advanced knowledge of systems design methodologies & development, including core infrastructure and enterprise-wide applications, as well as online applications, and web-based systems, voice and data communications technologies, security frameworks & methodologies, open architecture systems, common programming languages, open-source software, business intelligence, and data analytics.Expertise in cybersecurity regulatory, compliance, and framework requirements, such as NIST, HITRUST, CIS, and ISO.Experience working with Security Incident and Event Management (SIEM) tools, endpoint detection and response tools, vulnerability management suites, and various security solutions.Experience with the following cyber security domain areas:Data encryption (rest, transit, memory)Public Key Infrastructure (PKI) key management systemsSecurity incident management and response (cybersecurity forensic skillset)Application security (secure coding, shift left)Identity and access management program (MFA, SSO, LCM, IGA)Data handling and classificationFirewallsNetwork segmentationCyber resiliencyData loss preventionStrong knowledge of operating system, application, network, and database security architectures.Proven ability to effectively utilize techniques designed to reduce frequency, duration, and impact of common business disruptions particularly as they relate to branch/contact center operations, electronic services, and telecommunications.Strong verbal and written communications skills including the ability to explain technical concepts and technologies to business leaders and senior executives.Strong leadership, inter-personal, and collaboration skills.Proven ability to increase employee engagement, build, retain, and manage a highly skilled and motivated team.In-depth knowledge of IT and cybersecurity practices/trends in the biopharma and/or financial services industry and operating policies.Strong project management skills and a track record of successfully managing change, process improvement, and operational performance.Ability to collaborate, build relationships, and influence individuals at all levels within the organization and strong vendor management skills.Strong budget management skills and ability to develop and obtain approval for significant business cases.Strong problem-solving and trouble-shooting skills including the ability to identify and evaluate business threats and opportunities.Able to work under pressure of time deadlines, be flexible, and able to shift resources and priorities as required.Self-motivated and directed, team-oriented and skilled in working within a collaborative environment.A continuous learner who has a thirst for keeping abreast of new and emerging technologies.This position is required to work weekends and nights as necessary to ensure network availability and to support after regular business hours deployment of new systems, patches, fixes, and/or other enhancements.

Travel Requirements

Up to 20% travel

#LI-JT1



Salary Range

Insmed takes into consideration a combination of candidate's education, training, and experience as well as the position's scope and complexity, the discretion and latitude required in the role, and external market and internal value when determining a salary level for potential new employees.

The base salary range for this job is from $171,000.00 to $239,667.00 per year



Compensation & Benefits

We're committed to investing in every team member's total well-being, now and in the future. We offer a competitive total-rewards package to all employees around the world, including:

Flexible approach to where and how we work, regionally basedCompetitive compensation package including bonus Stock options and RSU awardsEmployee Stock Purchase Plan (ESPP)Flexible Vacation Policy Generous paid holiday schedule and winter break ADDITIONAL U.S. BENEFITS:401(k) plan with company matchMedical, dental, and vision plansCompany-provided Life and Accidental Death & Dismemberment (AD&D) insuranceCompany-provided short and long-term disability benefitsUnique offerings of pet, legal, and supplemental life insuranceFlexible spending accounts for medical and dependent careAccident and Hospital Indemnity insuranceEmployee Assistance Program (EAP)Mental Health on-line digital resourceWell-being reimbursementPaid leave benefits for new parentsPaid time off to volunteerOn-site, no-cost fitness center at our U.S. headquarters

Additional Information

Insmed Incorporated is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

Unsolicited resumes from agencies should not be forwarded to Insmed. Insmed will not be responsible for any fees arising from the use of resumes through this source. Insmed will only pay a fee to agencies if a formal agreement between Insmed and the agency has been established. The Human Resources department is responsible for all recruitment activities; please contact us directly to be considered for a formal agreement.

Applications are accepted for 5 calendar days from the date posted or until the position is filled.

  • Director of Human Resources

    2 months ago

    Brockton, Massachusetts, United States City of Brockton Full time

    The City of Champions is hiring We are seeking our next Director of Human Resources upon the retirement of our current director.The Director is responsible for the development and administration of the city's human resource functions, including recruitment, equal opportunity employment, labor relations, employee health benefits, training and the...

  • Director, AI Red Team

    3 weeks ago

    Brockton, Massachusetts, United States Optum Full time

    Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion,...

  • Director- Chief Enterprise Architect

    1 month ago

    Brockton, Massachusetts, United States Daikin Applied Full time

    Make your mark at the world's largest HVAC company Daikin Applied is in search of a talented Director Chief Enterprise Architect to join our dynamic team. The Chief Enterprise Architect plays a crucial role in shaping the technological landscape of an organization, ensuring that IT investments and initiatives contribute to its overall success and...

  • Water and Sewer Superintendent

    1 month ago

    Brockton, Massachusetts, United States Town of East Bridgewater Full time

    The town of East Bridgewater is accepting applications for the position of Water and Sewer Superintendent in the Department of Public Works.Under general direction of the Director of Public Works, the successful candidate is responsible for the daily management and operation of the town's water and wastewater systems in accordance with federal, state, and...

  • Clinical Social Worker

    1 month ago

    Brockton, Massachusetts, United States The Commonwealth of Massachusetts Full time

    Job DescriptionThe Department of Mental Health's Brockton Multi Service Center (BMSC) is seeking an experienced, licensed clinician for our Intake Department. The identified candidate will be a part of the BMSC Intake team, responsible for engaging and assessing individuals in a variety of settings who have been deemed clinically eligible for DMH services....

  • Orthotist/Prosthetist (Advanced Practitioner)

    3 months ago

    Brockton, Massachusetts, United States Department Of Veterans Affairs Full time

    Summary The Non-Supervisory Orthotist/Prosthetist (Advanced Practitioner) works in Prosthetics and Sensory Aids Service at the VA Boston Healthcare System. This is an open and continuous job opportunity announcement. Certificates are issued on an unannounced periodic basis based on requests from management. Applications will be evaluated and referred for...

  • Environmental Service Spec II

    2 days ago

    Brockton, United States Commonwealth of Massachusetts Full time

    Description The Department of Mental Health, Brockton Multi-Service Center is seeking an experienced Environmental Service Specialist II. Please Note: The selected candidate will work on the day shift, 8:00 a.m. to 4:30 p.m. The days off are Saturday and Sunday. Duties and Responsibilities (these duties and responsibilities are not all...

  • Orthotist/Prosthetist (Advanced Practitioner)

    3 months ago

    Brockton, United States Department Of Veterans Affairs Full time

    Summary The Non-Supervisory Orthotist/Prosthetist (Advanced Practitioner) works in Prosthetics and Sensory Aids Service at the VA Boston Healthcare System. This is an open and continuous job opportunity announcement. Certificates are issued on an unannounced periodic basis based on...