General Scope and Summary
SAGE Therapeutics is searching for a creative, resourceful, integrative thinker for the important role of Cybersecurity lead. The Associate Director of Cybersecurity is responsible for establishing and maintaining an enterprise-wide cybersecurity management program to ensure that information assets are adequately protected. This position serves a key role in the organization, working closely with the IT Leadership Team, business function leaders, and the Sage community. The Associate Director of Cybersecurity is an advocate for Sage's total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the enterprise. The Associate Director leads the development and implementation of a security program that leverages collaborations and enterprise-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. This role is critical in establishing a pervasive culture of cybersecurity thought the organization.
Roles and Responsibilities (Essential Functions)
- Responsible for the strategic leadership of Sage's information security program.
- Provide guidance and counsel to the IT Leadership Team and Corporate leadership team.
- Work closely with IT Leadership Team, IT Team members, business partners, and the Sage user community while building relationships and goodwill.
- Work with corporate leadership to oversee the continuation and formalization of cybersecurity operations of a Sage-wide information security function that is organized toward a common goal in information security.
- Extend the existing cybersecurity program in a way that is consistent with Sage Core Values and the Sage culture.
- Promote collaborative, empowered working environments across the organization, removing barriers and realizing possibilities.
- Manage institution-wide information security governance processes.
- Chair the Cyber Security Advisory Committee and lead Cyber Security Liaisons in the establishment of an information security program and project priorities.
- Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire institution in support of academic, research, and administrative information systems and technology.
- Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
- Stay abreast of information security issues and regulatory changes affecting higher education at the state and national level, participate in national policy and practice discussions, and communicate to campus on a regular basis about those topics.
- Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
- Mentor the Service Desk team members in cybersecurity practices.
Experience, Education and Specialized Knowledge and Skills
- Must thrive working in a fast-paced, innovative environment while remaining flexible, proactive, resourceful and efficient. Excellent interpersonal skills, ability to develop important relationships with key stakeholders, ability to identify issues and raise to key stakeholders in order to develop relevant and realistic plans, programs and recommendations.
- Bachelor's degree in business administration or a technology-related field. Professional security management certification.
- Minimum of 5 years of experience in a combination of risk management, information security and information technology leadership.
- Expert knowledge of information security management frameworks, such as ISO/IEC 27001, and NIST.
- Excellent written and verbal communication skills and high level of personal integrity, innovative thinking and leadership with an ability to lead and motivate diverse, cross-functional, and interdisciplinary teams
- Security certification such a CISSP or similar
- Experience operating in a biotech or pharmaceutical company.
- Experience operating in a regulated industry such as banking or financial services.
- Experience working with all levels of management and consulting with key business stakeholders. An ability to influence for greater outcomes.
- Strong team player that has a customer service approach and is solution oriented.
- Attention to detail and the ability to work individually, within a multi-disciplinary team, as well as with external partners and vendors.
- Possesses strong written and verbal communication skills.
- Embrace our core values: Put People First, Do Big, Be Accountable, Grow through Learning and Change, and Work Fun.
- Excitement about the vision and mission of Sage.
This job description may not be inclusive of all assigned duties, responsibilities, or aspects of the job described. Other duties may be added, or this description amended at any time at the sole discretion of Sage.Employment Type: Employee Number of Openings: 1 Job ID: R000485 #Biotechnology #Careers #ThisIsSage
All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other factors prohibited by law.
EEO is the Law
EEO is the Law - Poster Supplement
We value our relationships with professional recruitment firms. To protect the interests of all parties, and given the large volume of inquiries received from third-party placement agencies, we are not able to respond to all agency inquiries. We do not accept unsolicited resumes from any source other than directly from candidates for current or future positions. Submission of unsolicited resumes in advance of a signed agreement between our company and a placement agency does not create an implied obligation and, if an unsolicited candidate represented by a placement agency is hired, we are not obligated to pay a fee. Only approved recruitment firms will be allowed to provide services to Sage Therapeutics, Inc.
Apply on company website