IT Security Engineer
Information Technology | Mountain View, CA | Full Time
Job Description
Company Overview
ChemoCentryx is a biopharmaceutical company focused on discovering, developing and commercializing novel therapeutics to treat autoimmune diseases, inflammatory disorders and cancer, primarily focused on orphan and rare diseases. ChemoCentryx balances a passion for science with the deep-seated belief that patients suffering from serious diseases deserve more than incremental improvements to the length and quality of their lives.
As a clinical-stage company with a broad portfolio in multiple therapeutic areas, ChemoCentryx pushes beyond “good enough” and strives for a totally new way of healing.
Position Overview
- Manage the security profile of the organization to ensure the desired risk maintained
- Develop methods and procedures that ensure the quality in the areas of security and risk management
- Establish clear processes for team management and communication
- Execute on team decisions regarding team goals and objectives to delivery
- Lead process improvement initiatives and optimize team efficiency, quality and performance
- Collaborate with team to deliver on commitments to the organization
Essential Duties and Responsibilities
- Plan and execute projects accordance with the goals set for the security posture of the organizations
- Facilitate alignment with key stakeholders to ensure risks are communicated and managed in a timely manner
- Execute, validate and maintain the security controls environment to be in alighment with organizational goals
- Implement and maintain appropriate security and risk management practices that tie out to organizational risk tolerance and the guidelines established by the organization's Compliance Officer
- Lead process improvement initiatives to ensure the organization stays current with the threat landscape from security and risk management perspectives
- Safeguards information system assets by identifying and solving potential and actual security problems
- Protects system by defining access privileges, control structures and resources
- Determine security violations and inefficiencies by conductin periodic audits
- Upgrade systems by implementing and maintaining security controls
- Assume additional responsibilities and leadership rolees that are commensurate with experience and expertise
Requirements
- BSc/BA in Computer Sciences, Information Systems, Engineering or relevant field
- Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others.)
- 2+ years experience in developing security standards and implementing technical controls to meet standarads and regulatory requirements
- Strong enterprise application and database fundamentals
- Must have deep and thorough understanding and of monitoring best practices, preferably with Microsoft System Center Operations Manager (SCOM)
- Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)
- 4+ Years experience in identification of risk and compliance. Broad security knowledge acrss common industry security standards (e.g. SIO, NIST, COSO, COBIT, PCI, FFEIC, SOX, SSAE16 and others)
- Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection
- The commercial accumen to provide cost-effective security solutions
- An enthusiasm to stay current very latest updates about security threats and solutions
- Strong time management and organizational skills
- Outstanding verbal and written communications , and the ability to effectively interact with all levels of the company, including internal partners, external providers, and functional areas
- Ability to summarize complex security information into simple concepts for broad communication to management teams and for status reports
- Excellent interpersonal skills and the ability to develop important relationships with key stakeholders; strong conflict management skills
- Excellent analytical skills with the ability to communicate complex issues
- Ability to translate strategy inot acition; strong influence, negatiation and presentation skills
- Proven track record of good decision-making and excrsing sound judgement
- Proven Ability/expertise to advise internal teams to ensure security requirements are met as part of aarganization projects
- Strong proficiency with MS Word, MS Excel, and MS Powerpoint