Senior Director, Cybersecurity

Title: Senior Director, Cybersecurity

Location: Brisbane, California

About Us:

Vera Therapeutics (Nasdaq: VERA), is a late-stage biotechnology company focused on developing treatments for serious immunological diseases. Vera’s mission is to advance treatments that target the source of immunologic diseases in order to change the standard of care for patients. Vera’s lead product candidate is atacicept, a fully humanized fusion protein self-administered at home as a subcutaneous injection once weekly that blocks both B-cell Activating Factor (BAFF) and A Proliferation Inducing Ligand (APRIL), which stimulate B cells and plasma cells to produce galactose-deficient IgA1 (Gd-IgA1) and associated autoantibodies, which together form immune complexes that are fundamental in the pathogenesis of IgA nephropathy (IgAN). Vera is also considering evaluating the role of atacicept in other immunologic disorders. Additionally, Vera is developing MAU868, a monoclonal antibody designed to neutralize infection with BK Virus, a polyomavirus that can have devastating consequences in certain settings such as kidney transplant. For more information, please visit: www.veratx.com.

Our values are the cornerstone of our culture. Our values inspire us every day and guide everything we do—from how we hire great people, to advancing our mission together, to achieving our ultimate goal to improve medical treatment for patients suffering from immunological diseases.

Position Summary:

The Senior Director Cybersecurity will report to the Vice President, Information Technology and will be responsible for designing, implementing, and managing a comprehensive cybersecurity strategy tailored to the needs of the Vera Therapeutics. This role encompasses protecting sensitive data, intellectual property, and operational systems from cyber threats while ensuring regulatory compliance. The ideal candidate will possess deep cybersecurity expertise, strong leadership skills with strategic mindset.

Responsibilities:

• Develop and execute the organization’s cybersecurity strategy, ensuring alignment with company and IT functional OKRs.
• Ensure compliance with relevant industry regulations (e.g., HIPAA, PHI, GDPR, FDA 21 CFR Part 11, SOX).
• Collaborate with legal, finance and compliance teams to address evolving regulatory requirements.
• Ensure compliance with relevant industry regulations (e.g., HIPAA, PHI, GDPR, FDA 21 CFR Part 11, SOX).
• Develop and oversee the company wide cybersecurity training modules along with periodic training courses to enhance the awareness of various threats such as phishing, malware, spoofing, trojan attacks, ransomware, vishing and smishing.
• Collaborate with the IT team, internal business partners, security vendors and company MSPs to ensure and maintain the company’s regulatory compliance and security posture.
• Establish a Security Operations Center and ensure alignment across all areas of IT - Core Technology, Commercialization and G&A Systems, Data Analytics and Reporting.
• Establish and oversee cybersecurity policies, standards, and best practice.
• Analyze threat and risk vulnerabilities; develop and execute mitigation strategies.
• Lead risk assessments and identify vulnerabilities across all IT Infrastructure and Business Systems.
• Proactively monitor and mitigate cyber threats, employing advanced threat intelligence and detection tools.
• Preparation and delivery of cybersecurity audits reports.
• Lead incident response efforts, minimizing downtime and impact during cybersecurity breaches.
• Partner with legal, finance and compliance teams to address evolving regulatory requirements.
• Build and manage a high-performing cybersecurity team, including hiring, training, and mentoring of staff.
• Collaborate with cross-functional teams to embed cybersecurity best practices into all organizational processes.
• Communicate cybersecurity risks and strategies effectively to executive leadership and stakeholders.

Qualifications:

• CISSP, CISM, or CISA certification required.
• Bachelor’s degree in the field of computer science, information systems, or related field required, or equivalent combination of education and experience required.
• Expertise in cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory compliance requirements.
• Minimum of 12 years of IT experience in positions of increasing responsibility, with a minimum of 8 years of leadership experience in a cybersecurity environment.
• Proven experience in biotech, pharmaceutical, healthcare, or other highly regulated industries.
• Comprehensive knowledge of IT security technologies related to authentication, authorization and encryption, firewall and intrusion prevention systems.
• Strategic thinking and the ability to align cybersecurity initiatives with company OKRs.
• Excellent communication and interpersonal skills to interact with technical and non-technical stakeholders.

Vera Therapeutics Inc. is an equal-opportunity employer.

Vera Therapeutics is committed to fair and equitable compensation practices and we strive to provide employees with total compensation packages that are market competitive. For this role, the anticipated base pay range begins at $240,000. The exact base pay offered for this role will depend on various factors, including but not limited to the candidate’s geography, qualifications, skills, and experience.

At Vera, base pay is only one part of your total compensation package. The successful candidate will be eligible for an annual performance incentive bonus, new hire equity, and ongoing performance-based equity. Vera Therapeutics also offers various benefits offerings, including, but not limited to, medical, dental, and vision insurance, 401k match, flexible time off, and a number of paid holidays.

Notice to Recruiters/Staffing Agencies

Recruiters and staffing agencies should not contact Vera Therapeutics through this page. All recruitment vendors (search firms, recruitment agencies, and staffing companies) are prohibited from contacting our hiring manager(s), executive team members, or employees.

We require that all recruiters and staffing agencies have a fully executed, formal written agreement on file.

Vera Therapeutics’ receipt or acceptance of an unsolicited resume submitted by a vendor organization to this website or employee does not constitute an actual or implied contract between Vera Therapeutics and such organization and will be considered unsolicited and Vera Therapeutics will not be responsible for related fees.

Fraud Alert

To all candidates: your personal information and online safety are a top priority for us. At Vera Therapeutics, recruiters only direct candidates to apply through our official career page at https://veratx.com/careers/.

Recruiters will always contact you using the domain of veratx.com. We will never request payments, ask for financial account information or sensitive information like social security numbers. If you are unsure if a message is from Vera Therapeutics, please email human resources.