IT Security Engineer

Company Overview

ChemoCentryx is a biopharmaceutical company focused on discovering, developing and commercializing novel therapeutics to treat autoimmune diseases, inflammatory disorders and cancer, primarily focused on orphan and rare diseases. ChemoCentryx balances a passion for science with the deep-seated belief that patients suffering from serious diseases deserve more than incremental improvements to the length and quality of their lives.

As a clinical-stage company with a broad portfolio in multiple therapeutic areas, ChemoCentryx pushes beyond “good enough” and strives for a totally new way of healing.

Position Overview

•  Manage the security profile of the organization to ensure the desired risk maintained
• Develop methods and procedures that ensure the quality in the areas of security and risk management
• Establish clear processes for team management and communication
• Execute on team decisions regarding team goals and objectives to delivery
• Lead process improvement initiatives and optimize team efficiency, quality and performance
• Collaborate with team to deliver on commitments to the organization

Essential Duties and Responsibilities

• Plan and execute projects accordance with the goals set for the security posture of the organizations
• Facilitate alignment with key stakeholders to ensure risks are communicated and managed in a timely manner
• Execute, validate and maintain the security controls environment to be in alighment with organizational goals
• Implement and maintain appropriate security and risk management practices that tie out to organizational risk tolerance and the guidelines established by the organization's Compliance Officer
• Lead process improvement initiatives to ensure the organization stays current with the threat landscape from security and risk management perspectives
• Safeguards information system assets by identifying and solving potential and actual security problems
• Protects system by defining access privileges, control structures and resources
• Determine security violations and inefficiencies by conductin periodic audits
• Upgrade systems by implementing and maintaining security controls
• Assume additional responsibilities and leadership rolees that are commensurate with experience and expertise

Requirements

• BSc/BA in Computer Sciences, Information Systems, Engineering or relevant field
• Technical knowledge of security technologies and architecture in multiple security domains (such as infrastructure hardening, privileged access, data security, endpoint security, anti-malware, network security, application security and others.)
• 2+ years experience in developing security standards and implementing technical controls to meet standarads and regulatory requirements
• Strong enterprise application and database fundamentals
• Must have deep and thorough understanding and of monitoring best practices, preferably with Microsoft System Center Operations Manager (SCOM)
• Thorough understanding of Windows Server Security (IPSec, NTLM, UAC, Windows Firewalls, etc.)
• 4+ Years experience in identification of risk and compliance.  Broad security knowledge acrss common industry security standards (e.g. SIO, NIST, COSO, COBIT, PCI, FFEIC, SOX, SSAE16 and others)
• Expertise across a variety of security products including firewalls, URL filtering, information security and virus protection
• The commercial accumen to provide cost-effective security solutions
• An enthusiasm to stay current very latest updates about security threats and solutions
• Strong time management and organizational skills
• Outstanding verbal and written communications , and the ability to effectively interact with all levels of the company, including internal partners, external providers, and functional areas
• Ability to summarize complex security information into simple concepts for broad communication to management teams and for status reports
• Excellent interpersonal skills and the ability to develop important relationships with key stakeholders; strong conflict management skills
• Excellent analytical skills with the ability to communicate complex issues
• Ability to translate strategy inot acition; strong influence, negatiation and presentation skills
• Proven track record of good decision-making and excrsing sound judgement
• Proven Ability/expertise to advise internal teams to ensure security requirements are met as part of aarganization projects
• Strong proficiency with MS Word, MS Excel, and MS Powerpoint