6 Sr. Director, IT Security Jobs in Washington, DC

ICF
Washington, DC | Other
$187k-229k (estimate)
2 Days Ago
ICF
Washington, DC | Other
$113k-147k (estimate)
2 Days Ago
CareDx
Washington, DC | Full Time
$146k-190k (estimate)
7 Months Ago
investment Institute
Washington, DC | Full Time
$187k-233k (estimate)
1 Month Ago
Fannie Mae
Washington, DC | Full Time
$184k-228k (estimate)
1 Month Ago
Sr. Director, IT Security
CareDx Washington, DC
$146k-190k (estimate)
Full Time | Ancillary Healthcare 7 Months Ago

CareDx is Hiring a Sr. Director, IT Security Near Washington, DC

Sr Director, IT Security
CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers. CareDx offers products, testing services, and digital healthcare solutions along the pre- and post-transplant patient journey, and is the leading provider of genomics-based information for transplant patients.
The Cybersecurity Lead role will blend business and technical knowledge with strong analysis and technology skills in support of CareDx's cybersecurity program. This person will have the ability to prioritize multiple projects and to transition dynamically between supporting on-prem, cloud, and application development. Building a security team to support CareDx's growth is a key responsibility of the cybersecurity lead. This person will develop, implement, manage and improve CareDx's Information Security Program.
The ideal candidate will have a broad working knowledge of both cybersecurity frameworks and information security capabilities from working in roles that included exposure to risk management, compliance, technical and business operations. This candidate will enjoy working with business units to analyze and document business processes in a way that ensures secure and compliant processes. Experience with security frameworks and their application in a working environment with sensitive data is key to this role. Familiarity with technical security toolsets, their capabilities and limitations will be needed to fulfill the requirements of this role, as well as the desire and ability to remain current on information security trends, cyber threats, laws and regulations.
Responsibilities
  • Security operational and governance focus. Ensuring the business stays aligned with applicable risks and regulatory requirements.
  • Ensure cybersecurity strategy and road map are in alignment with industry, threats, audit gaps, and best practices. Keep maturity efforts on-track.
  • Develop, document, manage and improve security controls across CareDx departments.
  • Support configuration management by providing security best practice configuration recommendations.
  • Support secure application development through Dev/Sec/Ops.
  • Ensure compliance to security policies, standards and processes.
  • Provide audit support through activities like quarterly user role and access reviews, ensuring alignment with role and access matrixes, and working with external auditors.
  • Conduct third-party risk management through risk assessments and provide recommendations.
  • Provide risk management activities by qualifying and performing internal risk assessments and risk treatment recommendations.
  • Respond to external security questionnaires.
  • Assist in the development, delivery, training and administration of security awareness programs to the workforce.
  • Ability to operate security tools, e.g. Endpoint protection, Web filtering, VM, MDM, SIEM, DLP, etc.
  • Collect and gather metrics from tools and teams for security reporting. Prepare and present reports to security committee and leadership.
  • Support and lead cybersecurity incident response efforts.
  • Other duties as assigned.
Skills and Qualifications
  • Bachelor's degree in Business, Computer Science, Engineering or related discipline or equivalent experience
  • 7-10 years in a cybersecurity leadership role
  • Solid understanding of the NIST CSF cybersecurity framework, including the ability to apply appropriate identification, protection, detection, response, and recovery capabilities.
  • Experience managing SOC 2 audit efforts and HIPAA risk assessments
  • Business analyst and/or audit experience encompassing information technology systems and security controls
  • Experience with cloud provider security concerns and documenting risk treatment initiatives
  • Understanding of application security disciplines, exploits, and frameworks such as OWASP
  • Working knowledge of directory services, application development, and infrastructure (networks, server and end computing devices) as required to ensure compliance with information security controls
  • Experience with IDR, EDR, and NAC tools
  • Experience providing technical oversight on managed, or internal, security services including endpoint protection, vulnerability assessments, patch management, log management, and perimeter controls.
  • Office 365 experience focusing on security best practices and configuration.
  • Azure experience focusing on Security Center and best practices and configuration.
  • Experience working with application development teams (DevOps).
  • A broad range of exposure to business continuity, systems analysis and risk management
  • Excellent written and verbal communications
  • Project or engagement management experience with the ability to manage multiple and complex priorities across cross-functional teams
  • Takes initiative on improvements and proposes solutions to security and audit gaps.
  • Ability to handle multiple tasks and projects simultaneously in an organized and timely manner.
  • Detail-oriented, with the ability to plan, prioritize, and meet deadlines in a fast-paced environment
  • Ability to communicate professionally and effectively, both written and verbally, particularly when under pressure
  • Ability to work independently, as well as part of a team
Additional Details:
Every individual at CareDx has a direct impact on our collective mission to improve the lives of organ transplant patients worldwide. We believe in taking great care of our people, so they take even greater care of our patients.
Our competitive Total Rewards package includes:
  • Competitive base salary and incentive compensation
  • Health and welfare benefits including a gym reimbursement program
  • 401(k) savings plan match
  • Employee Stock Purchase Plan
  • Pre-tax commuter benefits
  • And more!
In addition, we have a Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.
With products that are making a difference in the lives of transplant patients today and a promising pipeline for the future, it’s an exciting time to be part of the CareDx team. Join us in partnering with transplant patients to transform our future together.
CareDx, Inc. is an Equal Opportunity Employer and participates in the E-Verify program.
By proceeding with our application and submitting your information, you acknowledge that you have read our U.S. Personnel Privacy Notice and consent to receive email communication from CareDx.
We do not accept resumes from headhunters, placement agencies, or other suppliers that have not signed a formal agreement with us.

Job Summary

JOB TYPE: Full Time
INDUSTRY: Ancillary Healthcare
SALARY: $146k-190k (estimate)
POST DATE: 09/16/2023
EXPIRATION DATE: 05/10/2024
WEBSITE: caredx.com
HEADQUARTERS: SOUTH SAN FRANCISCO, CA
SIZE: 200 - 500
FOUNDED: 1998
TYPE: Public
CEO: REGINALD SEETO
REVENUE: $50M - $200M

Related Companies
About CareDx

CareDx is a precision medicine company that provides transplant surveillance and pre-transplant HLA typing solutions for transplant patients.

CareDx
Full Time
$107k-136k (estimate)
Just Posted
CareDx
Full Time
$94k-123k (estimate)
1 Day Ago
CareDx
Full Time
$208k-285k (estimate)
2 Days Ago