IT Security Lead
Job Opportunity at Spark Therapeutics, Inc

Posted on Jul 19

http://www.sparktx.com    215-220-9300

Location: Philadelphia, PA
Job Type: Full Time
Job ID: W4157972

Responsible for IT security, data privacy, and IT risk management at Spark.   This person is responsible for formulating and operationalizing plans for IT security, global data privacy, Incident Response and other security risk areas.  This is a hands-on role, but this individual must possess strong technical expertise with IT security technologies along with a strategic vision to develop and implement an IT Security and Data Privacy program based on a global security and privacy framework.

  • Research, design and implement an IT Security and Data Privacy program based on a global security and privacy framework. Work collaboratively with internal and external experts when needed.  Analyze business needs, establish policies, procedures, controls and manage the IT security program.
  • Perform regular IT Security assessments, vulnerability scanning, network penetration testing, and Incident Response Plan testing to ensure the organization has addressed vulnerabilities, implemented effective security controls, and prepared responses to threats against critical infrastructure. Perform timely remediation of identified gaps.
  • Keep up to date on current and emerging threats and technology, build awareness and deliver IT security training targeted to all employees.
  • Research, present, and implement appropriate security tools to monitor and reduce risk in the organization.  Ensure all security tools are configured and maintained according to company policies, industry standards, and best practices.
  • Support vendor security and privacy assessments, including cloud security, against company policies, industry standards, and best practices.
  • Monitor the organization’s networks, systems, mobile, and cloud environments for potential security incidents, execute remediation tasks where necessary, and provide oversight for patch management processes and other required security updates.
  • Develop and maintain a multi-year cybersecurity roadmap for enhancing IT security, minimizing risk, and improving data privacy protections.
  • Work closely and manage relationship with Managed Security Service provider
  • Work closely with the organization’s IT department and Managed Service Providers to set standards, incorporate best practices into the organization, and monitor configuration changes to maintain appropriate risk levels.
  • Develop an Incident Response Plan, ensure all IR Plan participants are aware of their responsibilities, and lead the response effort for all IT security related incidents.
  • Work closely with the IT Compliance Lead to regularly perform system access reviews, collect audit evidence, maintain documentation and monitor security controls to support audits.
  • Report regularly to senior management on security activities, incidents, and remediation.
  • Provide clear direction and mobilize others to take action on priorities
  • Serve on the organization’s IT Security Steering Committee, preparing updates and reports and implementing action items as defined by the committee.

  • Must possess excellent interpersonal skills and the ability to build productive relationships in matrix organization. Capable of delivering results through influence and collaboration, and without formal authority.
  • Open minded and willing to leverage the ideas of others to achieve objectives required
  • Independent self-starter with a continuous learning and improvement mindset
  • Must be comfortable in a fast-paced, demanding and dynamic work environment

  • Generally 10+ years of experience in IT and IT Security.
  • Bachelor's Degree or equivalent relevant work experience
Required Special Skills
  • Extensive knowledge of principles, regulations, technical architectures, control processes and assurance practices for security.
  • Working knowledge of industry standards – NIST, ISO 27001/2, ITIL, COSO, COBIT, Cloud Security Alliance, US and global privacy/data protection laws,
  • Experience with assessing cloud security, leading global cross functional project teams, access control operations along with strong technical expertise are highly desirable.
  • Industry recognized IT Security certifications (i.e. CISSP, CIPP, CISA, CCSK) or the ability to achieve a security certification within a 12-month period
Preferred Special Skills
  • Experience within a manufacturing environment regulated by the FDA.
  • Experience with computer network validation.
  • Experience with the laboratory systems in a pharmaceutical environment


Transforming Patient’s Lives. Spark Therapeutics is a pioneering gene therapy leader transforming the lives of patients suffering from debilitating genetic diseases by developing one-time, life-altering treatments. We are embarking on our goal to deliver the first approved gene therapy product in the US for genetic blinding conditions and have a product pipeline addressing other unmet rare genetic diseases. We have an entrepreneurial culture and are looking for talented and passionate professionals who are committed and motivated to making a difference in the lives of our patients. If you share our passion for excellence and are looking for a dynamic work environment that fosters creativity, scientific innovation and team collaboration, you may be a great fit for our team.

MedicalDeviceIndustryNow.com is owned, operated, and copyrighted by Career Marketplace (© 2002-2019, All Rights Reserved)