Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

IT Security Engineer

Information Technology | San Carlos, CA | Full Time

Job Description

Company Overview

ChemoCentryx is a biopharmaceutical company focused on discovering, developing and commercializing novel therapeutics to treat autoimmune diseases, inflammatory disorders and cancer, primarily focused on orphan and rare diseases. ChemoCentryx balances a passion for science with the deep-seated belief that patients suffering from serious diseases deserve more than incremental improvements to the length and quality of their lives.

As a clinical-stage company with a broad portfolio in multiple therapeutic areas, ChemoCentryx pushes beyond “good enough” and strives for a totally new way of healing.


Position Overview

  •  Manage the security profile of the organization to ensure the desired risk maintained
  • Develop methods and procedures that ensure the quality in the areas of security and risk management
  • Establish clear processes for team management and communication
  • Execute on team decisions regarding team goals and objectives to delivery
  • Lead process improvement initiatives and optimize team efficiency, quality and performance
  • Collaborate with team to deliver on commitments to the organization

Essential Duties and Responsibilities

  • Plan and execute projects accordance with the goals set for the security posture of the organizations
  • Facilitate alignment with key stakeholders to ensure risks are communicated and managed in a timely manner
  • Execute, validate and maintain the security controls environment to be in alighment with organizational goals
  • Implement and maintain appropriate security and risk management practices that tie out to organizational risk tolerance and the guidelines established by the organization's Compliance Officer
  • Lead process improvement initiatives to ensure the organization stays current with the threat landscape from security and risk management perspectives
  • Safeguards information system assets by identifying and solving potential and actual security problems
  • Protects system by defining access privileges, control structures and resources
  • Determine security violations and inefficiencies by conductin periodic audits
  • Upgrade systems by implementing and maintaining security controls
  • Assume additional responsibilities and leadership rolees that are commensurate with experience and expertise


  • BSc/BA in Computer Sciences, Information Systems, Engineering or relevant field
  • Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others.)
  • 2+ years experience in developing security standards and implementing technical controls to meet standarads and regulatory requirements
  • Strong enterprise application and database fundamentals
  • Must have deep and thorough understanding and of monitoring best practices, preferably with Microsoft System Center Operations Manager (SCOM)
  • Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)
  • 4+ Years experience in identification of risk and compliance.  Broad security knowledge acrss common industry security standards (e.g. SIO, NIST, COSO, COBIT, PCI, FFEIC, SOX, SSAE16 and others)
  • Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection
  • The commercial accumen to provide cost-effective security solutions
  • An enthusiasm to stay current very latest updates about security threats and solutions
  • Strong time management and organizational skills
  • Outstanding verbal and written communications , and the ability to effectively interact with all levels of the company, including internal partners, external providers, and functional areas
  • Ability to summarize complex security information into simple concepts for broad communication to management teams and for status reports
  • Excellent interpersonal skills and the ability to develop important relationships with key stakeholders; strong conflict management skills
  • Excellent analytical skills with the ability to communicate complex issues
  • Ability to translate strategy inot acition; strong influence, negatiation and presentation skills
  • Proven track record of good decision-making and excrsing sound judgement
  • Proven Ability/expertise to advise internal teams to ensure security requirements are met as part of aarganization projects
  • Strong proficiency with MS Word, MS Excel, and MS Powerpoint