Guardant Health is already helping thousands of cancer patients & we are seeking someone to head up our IT Security team & lead our internal security strategy across the company as we scale. This role is located in Redwood City, CA & will report directly to our CIO.
If you are a hands-on leader & want to be part of a team making a difference in the lives of cancer patients by helping the organization develop its talent, then we'd like to hear from you. Our philosophy is Patient First, Team Second & Individual Third.
What we will offer you:
- The chance to join an explosive industry, a successful & growing organization with an unmatched leadership team, who is passionate about their employees.
- An opportunity to make a real impact on cancer patients with our cutting-edge diagnostic tests.
- A supportive, collaborative work environment, with colleagues who care about the success of the organization.
- A place that will provide competitive compensation, on-going recognition, & most of all, a chance to learn, contribute & develop your skills.
- You will love your job, have fun while working, & be supported by enthusiastic & passionate co-workers.
Guardant Health is looking for an experienced & visionary leader who wants to be part of a team of technology & business professionals supporting our mission of conquering cancer with data. Custodians of Protected Health Information (PHI) & human genomic data, we adopt an approach of Security & Compliance by Design. As the Information Security Officer reporting to the Chief Information Officer, you will:
- Work with all business functions to understand security risks & opportunities, develop & maintain a holistic security strategy, & represent the strategy to our executives & Board of Directors
- Advocate on matters of information security, trust & privacy to internal & external stakeholders
- Partner with R&D, product & software teams to ensure that Information Security requirements/controls are embedded within the product & software development processes
- Establish & maintain close working relationships with global Privacy & Data Protection Officers, ensuring alignment of the objectives & plans between Information Security, Corporate Compliance & Data Privacy
- Own the Information Security policies to meet business requirements & in compliance with US federal, state, EU & other regulatory bodies
- Establish a comprehensive security program, & build an information security function, based on assessed information security risk & business priorities; communicate regular status updates on progress of strategy implementation & maturity of the program
- Oversee or directly manage security capabilities such as: design & approval of security systems; event monitoring & incident management; identity & access management; training, both specific (e.g. secure coding practices) & general (e.g. employee education & awareness); selection of tools & vendors
- Drive regular security reviews, including penetration testing & vulnerability assessments; own remediation plans through completion, in conjunction with other business & technical leaders
- Oversee security assessments of industry partners & technology vendors
- Remain current with the security threat landscape, emerging technologies & security solutions, changes to regulations or legislation
- Participate as a member of the CIO leadership team in strategy, architecture, development, operations & data governance
- You enjoy an agile, fast paced & highly technical environment.
- You are passionate & deeply knowledgeable about building Information Security (#infosec) into day-to-day business processes within a high-growth environment.
- You are comfortable with tackling technical problems, driving solutions from conception to birth, leading cross-functional collaboration, & communicating technical & non-technical information across multiple functions & levels.
- 10+ years of experience in Information Security based on deep technical knowledge; a minimum of 3 years in senior leadership roles
- Familiarity with Information Security standards, frameworks & reference sources, such as NIST; ISO 27000 series; MITRE ATT&CK; OWASP; along with hands-on experience in implementing such frameworks or leveraging sources to govern & maintain operational excellence in security operations
- Extensive hands-on experience in IT & application security best practice & trends, network & internet security, IT standards & policies
- Proven experience in developing & executing a roadmap to comply with regulations such as HIPAA, SOC2, SOX, GDPR as well as integration between information security & other frameworks such as COBIT
- Current with enterprise technology stacks, practices & trends, such as cloud, CI/CD, big data, digital transformation, collaboration, BYOD & infrastructure virtualization
- Understanding of US & international legal structures, precedents & remedies pertaining to information security, for example breach notification procedures, as well as specific requirements to satisfy CCPA, GDPR, HIPAA or equivalent legislation
- International experience of collaboration with offshore & outsourced teams
- Experience in Healthcare & Life Science industries preferred
- Industry security certifications such as CISA, CISM, CISSP, CCSP, or equivalent are welcome but not required
- Bachelor's degree in Computer Science, Engineering or related discipline is preferred; equivalent knowledge & experience acceptable
We would like to talk with you about the exciting projects we currently have ongoing. Please see www.guardanthealth.com/jobs for more information & to apply.
To learn more about the information collected when you apply for a position at Guardant Health & how it is used, please review our Privacy Notice for Job Applicants.
All your information will be kept confidential according to EEO guidelines. NO AGENCIES PLEASE.