BioCryst Pharmaceuticals, Inc. logo

Exec. Director, Cybersecurity

BioCryst Pharmaceuticals, Inc.
Full-time
Remote friendly (United States)
Worldwide
IT
READY TO JOIN THE 3 DAY BIOPHARMA JOB CHALLENGE? 3 Days, 30 minutes a day, and get tools and tips to land a great job like this! Register for this FREE biopharma community event at 3day.medicinetomarket.com

Also check out the NEW JobsAI – this is the smarter, faster way to compete in today’s job market.

👉 Check out JobsAI

Company

At BioCryst, we share a deep commitment to improving the lives of people living with complement-mediated and other rare diseases. For over three decades we’ve been guided by our passion for not settling for “ordinary” in our quest to develop novel medicines. We leverage our expertise in structure-guided drug design to develop first-in-class or best-in-class oral small-molecule and protein therapeutics, led by the efforts of our team of expert scientists in our Discovery Center of Excellence in Birmingham, Alabama. Our global headquarters is in Durham, North Carolina, our European headquarters is in Dublin, Ireland and our employees span the globe across sites in multiple countries. We are proud of our culture of engagement and accountability that rewards people for innovative thinking and achievement of key objectives. For more information, please visit our website at www.biocryst.com or follow us on LinkedIn and Instagram.

Job Summary

The Executive Director of Cybersecurity is a senior leadership role responsible for defining and executing a global cybersecurity and IT risk management strategy across a publicly traded biotech/pharmaceutical enterprise. This role ensures the protection of sensitive data, intellectual property, and critical infrastructure while maintaining compliance with global regulatory frameworks (e.g., FDA, EMA, HIPAA, GDPR, SOX). The role reports directly to the SVP of Information Technology and serves as the organization’s top cybersecurity authority.

Essential Duties & Responsibilities

Cybersecurity Strategy & Leadership

  • Define and lead the global cybersecurity vision, roadmap, and investment strategy.
  • Align security initiatives with enterprise risk appetite, business goals, and regulatory obligations.
  • Serve as the executive voice on cybersecurity to the board, audit committee, and external stakeholders.

Executive Presence & Communication

  • Present cybersecurity posture, risk assessments, and incident updates to executive leadership and the board of directors.
  • Translate complex technical risks into clear, actionable business insights.
  • Build trust and credibility with senior stakeholders across R&D, clinical, commercial, and manufacturing functions.

Security Metrics & Reporting

  • Establish, maintain, and continuously refine a comprehensive set of cybersecurity and IT risk metrics.
  • Develop dashboards and reporting mechanisms to track performance, maturity, and risk exposure.
  • Regularly report metrics to executive leadership and the board to support strategic decision-making and regulatory compliance.

IT Risk Management & Governance

  • Oversee enterprise-wide IT risk assessments, threat modeling, and mitigation strategies.
  • Establish and maintain a risk governance framework that integrates with enterprise risk management (ERM).
  • Lead incident response and crisis management planning for cyber events and IT disruptions.

Regulatory Compliance & Audit Readiness

  • Ensure compliance with global regulations and standards including SOX, HIPAA, GDPR, NIST, ISO 27001, and GxP.
  • Partner with Legal, Compliance, and Internal Audit to manage security audits and regulatory inspections.

Security Architecture & Operations

  • Direct the design and implementation of secure infrastructure, applications, and data protection frameworks.
  • Oversee security operations, including threat detection, vulnerability management, and endpoint protection.

Talent Development & Leadership

  • Foster a culture of security awareness and continuous improvement across the organization.

Innovation & Emerging Threats

  • Monitor the evolving threat landscape, including AI-driven threats, supply chain vulnerabilities, and geopolitical risks.
  • Drive adoption of advanced technologies such as zero trust, secure access service edge (SASE), and AI/ML-based threat detection.

Required Education/Experience/Skills

  • Bachelor’s degree in Computer Science, Information Systems or related field required. Advanced degree preferred.
  • 12+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership role.
  • Experience in a publicly traded, regulated industry preferable biotech, pharma, or life sciences.
  • Proven track record of presenting to executive leadership and boards of directors.
  • Deep understanding of global data privacy laws, IT risk frameworks, and regulatory compliance.
  • Executive presence with strong communication and stakeholder engagement skills.
  • Certifications such as CISSP, CISM, CRISC, or CISA preferred.

The statements in this position description are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. The manager may assign additional responsibilities and assignments from time to time.

BioCryst is an equal opportunity employer and is committed to providing equal employment opportunities without regard to age, race, religion, sex, sexual orientation, gender identity, national origin, Veterans status, disability and/or other protected class characteristics. Additionally, BioCryst is committed to achieving its business objectives in compliance with all federal, state and local law.

Apply now
Share this job
Twitter Facebook Linkedin Email