Job Purpose
Protect the organization’s digital infrastructure, data, and systems from internal and external cybersecurity threats by implementing, managing, and continuously improving security practices, tools, and operations with a focus on cloud applications and infrastructure.
Essential Duties/Responsibilities
- Design and implement robust security architectures for cloud environments.
- Lead cross-functional collaboration to strengthen security across systems and operations.
- Investigate and resolve complex security events/incidents; develop response strategies and integrate lessons learned into policies/controls.
- Analyze security logs/events to proactively address current and emerging threats.
- Provide leadership updates on threat landscape and recommend cybersecurity solutions.
- Assess vulnerabilities and recommend solutions to mitigate weaknesses.
- Collaborate with internal teams, vendors, and partners on security best practices and incident response.
- Ensure compliance with industry standards and organizational policies (including SOX and FDA requirements).
Qualifications
- Bachelor’s degree (related) + 9 years; or Master’s degree (related) + 7 years; or equivalent combination.
- CISSP, CISM, CEH, OSCP, GIAC or similar certification preferred.
Experience
- Operate and implement cybersecurity tools.
- Design/implement/manage cloud security controls (IAM, VPC, Zero Trust, IaC, IaaS, Security Groups, KMS, SDLC, CI/CD, Network Security).
- IT security/infrastructure administration in an enterprise; technical lead/management preferred.
- Investigations and response to cyber incidents.
- Security awareness/resilience; cloud/system/application security.
- Administer IT systems; Agile and ticketing tools (JIRA/JSM).
- Regulated industries (biotech/pharma) with GxP and SOX knowledge preferred.
Skills/Abilities
- Advanced AWS; IaC/SDLC/CI-CD knowledge; cybersecurity technologies/concepts.
- Strong analytical, problem-solving, and communication skills.
- CLI/scripting (Python, PowerShell); ability to work with ambiguity and confidential data.
- Architect secure cloud infrastructure using IaC guardrails/golden paths across AWS/Azure.
- Integrate SAST/SCA/DAST and dependency scanning into GitHub pipelines.
Benefits
- Base pay range: $154,500–$220,500 annually.
- 401(k) with company contributions; medical/dental/vision; life/disability; flexible spending accounts; discretionary annual bonus (or sales incentive for field sales); company stock; 15 vacation days (year 1); 17 paid holidays incl. winter shutdown; up to 10 sick days.
Application Instructions
- For disability accommodation related to application/recruitment: recruiting@exelixis.com