Xeris Pharmaceuticals, Inc. logo

Manager, Cybersecurity Operations

Xeris Pharmaceuticals, Inc.
July 01, 2026
Remote friendly (Chicago, IL)
United States
IT
Responsibilities:
- Lead security operations (monitoring, triage, response) for alerts across Azure, Microsoft 365, Windows 365, endpoints, identity, email, and core SaaS applications.
- Direct and coordinate MDR and SOC partners; ensure runbooks, effective SLAs, and high-quality investigations and escalations.
- Manage and coach the security operations team; partner with Infrastructure, Applications, Legal, Compliance, and business leaders to embed security into day-to-day processes.
- Establish IT/security governance and enforcement controls across the environment.
- Develop and continuously improve runbooks and standard operating procedures for security events and operational tasks.
- Oversee root cause analysis, basic forensics, and threat hunting across identity, email, endpoints, and cloud workloads.
- Drive incident lifecycle management (metrics, trends, remediation progress, lessons learned).
- Support protection of โ€œcrown jewelโ€ assets via data classification, conditional access, and policy enforcement.
- Partner in governance (GRC administration, NIST-based control assessments, InfoSec steering committee inputs, security improvement tracking).
- Perform vendor cybersecurity due diligence and manage third-party risk operations with Procurement and Legal.
- Maintain an inventory of security-relevant assets (devices, SaaS apps, privileged accounts).
- Support security awareness efforts (annual training, awareness month, targeted campaigns).
- Partner on KPIs, operational risk metrics, and budget planning for tools/services/managed partners.
- Identify and recommend opportunities to automate and streamline security operations.

Qualifications:
- Bachelorโ€™s degree in computer science/information systems/cybersecurity (or equivalent); 5+ years progressive cybersecurity experience with leadership responsibility.
- Hands-on IAM, SIEM, and vulnerability management tools in a Microsoft-centric environment (Entra ID, Microsoft 365, Defender suite).
- Knowledge of cybersecurity frameworks/controls (NIST CSF, ISO 27001, CIS).
- Proven incident response leadership; coordinate stakeholders; communicate with technical and non-technical audiences.
- Team leadership, collaboration, project management, strong written/verbal communication; attention to detail and adaptability.