Responsible for IT security, data privacy, compliance and IT risk management at Spark. This person is responsible for formulating and operationalizing plans for IT security, global data privacy, business continuity and other security risk areas. This is a hands-on role, but this individual must possess strong technical expertise with IT security technologies along with a strategic vision to develop and implement a global security and privacy framework.
Research, design and implement a global security and privacy framework. Work collaboratively with internal and external experts when needed. Analyze business needs, establish policies, procedures, controls and manage the IT security program.
Perform regular risk assessments to ensure the organization has prepared responses to threats against critical infrastructure.
Keep up to date on current and emerging threats and technology, build awareness and deliver IT security training targeted to all employees and multiple technical proficiencies .
Research, present, and implement appropriate security tools monitor and reduce risk in the organization.
Perform vendor security and privacy assessments, including cloud security, against industry standards and best practices
Monitor the organization’s networks, systems, mobile, and cloud environments for potential security incidents.
Develop multi-year plans for IT security, data privacy and business continuity.
Work closely and manage relationship with Managed Security Service provider
Work closely with the organization’s IT department and Managed Service Providers to set standards, incorporate best practices into the organization, and monitor configuration changes to maintain appropriate risk levels.
Lead the response effort for all IT security related incidents.
Report regularly to senior management on security activities, incidents, and remediation.
Provide clear direction and mobilize others to take action on priorities
Serve on the organization’s IT Security Steering Committee, preparing updates and reports and implementing action items as defined by the committee.
Must possess excellent interpersonal skills and the ability to build productive relationships in matrix organization. Capable of delivering results through influence and collaboration, and without formal authority.
Open minded and willing to leverage the ideas of others to achieve objectives Required
Independent self-starter with a continuous learning and improvement mindset
Must be comfortable in a fast-paced, demanding and dynamic work environment
Generally 10+ ears of experience in IT and IT Security.
Bachelor's Degree or equivalent relevant work experience
Required Special Skills
Extensive knowledge of principles, regulations, technical architectures, control processes and assurance practices for security.
Working knowledge of industry standards – NIST, ISO 27001/2, ITIL, COSO, COBIT, Cloud Security Alliance, US and global privacy/data protection laws,
Experience with assessing cloud security, leading global cross functional project teams, access control operations along with strong technical expertise are highly desirable.
Industry recognized IT Security certifications (i.e. CISSP, CIPP, CISA, CCSK) or the ability to achieve a security certification within a 12-month period
Preferred Special Skills
Experience within a manufacturing environment regulated by the FDA.
Experience with computer network validation.
Experience with the laboratory systems in a pharmaceutical environment
Relocation expenses are negotiable.
About Spark Therapeutics
Founded in March 2013 as a result of the technology and know-how accumulated over two decades at Children’s Hospital of Philadelphia (CHOP), Spark Therapeutics is a publicly traded, late clinical-stage gene therapy company. Its investigational therapies have the potential to provide long-lasting effects, dramatically and positively changing the lives of patients with conditions where no, or only palliative, therapies exist. Greater understanding of the human genome and genetic abnormalities have allowed our scientists to tailor investigational therapies to patients suffering from very specific genetic diseases. This approach holds great promise in developing effective treatments to a host of inherited diseases. Our initial focus is on treating orphan diseases.
Headquartered in dynamic Philadelphia, we are a diverse, experienced team united in our goal to break down barriers for people and families affected by genetic diseases. As our name suggests, our investigational, one-time therapies are designed to spark healthy biology, and deliver potentially life-altering transformation for people and families affected by genetic disease.
Challenge the inevitability of ge...netic disease by discovering, developing and delivering treatments in ways unimaginable – until now.
A world where no life is limited by genetic disease.