Associate Director, Information Security
Our mission is to make biology easier to engineerGinkgo is constructing, editing, and redesigning the living world in order to answer the globe's growing challenges in health, energy, food, materials, and moreOur bioengineers make use of an in-house automated foundry for designing and building new organismsWe are currently expanding our Information Security team, and we're seeking people who are excited about growing and improving our core security and compliance services and capabilities and helping us keep Ginkgo Bioworks secureIn support of our mission, we are looking for a well-rounded hands-on IT professional with a proven track in information technology, security, and compliance (SOX, HIPAA, NIST)You will be a direct report to our Chief Information Security Officer (CISO), assisting with our IT Governance, Risk, and Compliance (GRC) program while also leading security operations functionsYou should expect 50-70% of your workday focusing on GRC with an emphasis on SOX controlsYour additional responsibilities will consist of broad exposure in leading various technical aspects of cybersecurity operationsWe view this role as an opportunity to blend both compliance and cybersecurity within our teamResponsibilities Lead and oversee a team of Information Security EngineersLead and support the testing and documentation of our compliance controls (SOX, NIST) Assist in the management of our overall Governance, Risk, and Compliance program through internal and external third-party assessments Assist in maintaining our Risk RegisterMonitor, test, and update our disaster recovery programWork directly with multiple technical stakeholders (Software, Data, IT, DevOps) in reviewing and updating policies and procedures where appropriateLead and assist team members in responding to incidents and security ticketsLead and assist senior engineers in the monitoring and use of our various security tools that include but are not limited to the following:
End-point protection, network security, and data loss preventionAssist in building out continuous auditing processes including the use of data analyticsCollaborate closely with company peers for business and legal entity auditsAdvise internal audit and various committees on Technology risksMaintain key relationships with stakeholders across the organization, including the CIO, CISO, CTO, and othersEnsure that the IT audit function is well integrated with the overall audit programCommunicating audit findings and recommendations effectively to the Ginkgo's leadership teamMonitoring and track progress on IT audit findings and recommendationsServe as a subject matter expert for technology risk and controls frameworks, e.
gNIST, and apply them effectively in audits Role model behavior in cross-cultural awareness and ability to connect with colleagues globally in establishing and maintaining a collaborative and inclusive work environmentResponsible for driving transformation and continuous improvement in IT audit practices, processes operational activities Develop and execute a robust information security strategy aligned with organizational goals and industry best practicesAssess and prioritize security risks and formulate effective risk management strategiesCollaborate with cross-functional teams to integrate security measures into business processes and applicationsAssist in developing and maintaining information security policies, standards, and guidelinesEnsure policies are communicated effectively and consistently applied across the company Regularly review and update security documentation to reflect changes in the threat landscape and business requirementsEnsure compliance with relevant data protection laws, regulations, and industry standardsCoordinate and participate in security audits, assessments, and certification processesWork closely with legal and compliance teams to address any security-related legal and regulatory requirementsAssist incident response efforts, including investigation, containment, and resolutionConduct post-incident analysis and implement corrective actions to prevent future occurrencesEvaluate the security posture of vendors and third-party partnersEstablish and maintain a robust vendor risk management program to ensure the security of third-party relationshipsOversee the selection, implementation, and maintenance of security technologiesWork closely with the IT team to ensure that security controls are integrated seamlessly into the technology infrastructureMinimum Requirements Typically PhD with 5 years of experience; or 8 years and a Master's degree; 12 years of related experience with a Bachelor's degree in Information Systems, Cybersecurity, Cyber Risk; or an equivalent mix of education and experience 15
years of combined experience in information technology/engineering, cybersecurity, and Compliance; experience working in Life Sciences, a plus! Ability to communicate technical information to a wide variety of people in an easily understandable way Proactive approach in communicating possible risks and recommendations to mitigate A strong architectural level of understanding of software, networks, and security operations Must have real-world experience working with ITGC's and SOX controls in a publicly traded company Ability to obtain the CISSP certification in 2 years Ability to thrive and stay calm in a fast-paced, high pressure, ever-changing cyber threat environment Preferred Capabilities and Experience Experience working in the biotech space is a plusExperience working with and validating large datasets and working with Snowflake Experience managing security operations To learn more about Ginkgo, visit www.
ginkgobioworks.
com/press/ or check out some curated press below:
What is it really like to take your company public via a SPAC? One Boston biotech shares its journey (Fortune) Ginkgo Bioworks resizes the definition of going big in biotech, raising $2.
5B in a record SPAC deal that weighs in with a whopping $15B-plus valuation (Endpoints News) Ginkgo Bioworks CEO on scaling up Covid-19 testing:
'If we try, we can win' (CNBC) Ginkgo raises $70 million to ramp up COVID-19 testing for employers, universities (Boston G lobe) Ginkgo Bioworks Redirects Its Biotech Platform to Coronavirus (Wall Street Journal) Ginkgo Bioworks Provides Support on Process Optimization to Moderna for COVID-19 Response (PRNewswire) The Life Factory:
Synthetic Organisms From This $1.
4 Billion Startup Will Revolutionize Manufacturing (Forbes) Synthetic Bio Pioneer Ginkgo Raises $290 Million in New Funding (Bloomberg) Ginkgo Bioworks raises $350 million fund for biotech spinouts (Reuters) Can This Company Convince You to Love GMOs? (The Atlantic) We also feel that it's important to point out the obvious here - there's a serious lack of diversity in our industry, and that needs to changeOur goal is to help drive that changeGinkgo is deeply committed to diversity, equity, and inclusion in all of its practices, especially when it comes to growing our teamOur culture promotes inclusion and embraces how rewarding it is to work with people from all walks of lifeWe're developing a powerful biological engineering platform, so we must remain mindful of the many ways our technology can - and will - impact people around the worldWe care about how our platform is used, and having a diverse team to build it gives us the best chance that it's something we'll be proud of as it continues to growTherefore, it's critical that we incorporate the diverse voices and visions of all those who play a role in the future of biologyIt is the policy of Ginkgo Bioworks to provide equal employment opportunities to all employees, employment applicants, and EOE disability/vetPrivacy Notice I understand that I am applying for employment with Ginkgo Bioworks and am being asked to provide information in connection with my applicationI further understand that Ginkgo gathers this information through a third-party service provider and that Ginkgo may also use other service providers to assist in the application processGinkgo may share my information with such third-party service providers in connection with my application and for the start of employmentGinkgo will treat my information in accordance with Ginkgo's Privacy Policy By submitting this job application, I am acknowledging that I have reviewed and agree to Ginkgo's Privacy Policy as well as the privacy policies of the third-party service providers used by Ginkgo's associated with the application process.
Recommended Skills Accident Analysis Assessments Auditing Biology Biotechnology Business Process Improvement Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3v2f56hwz940wlc1c3', 'ExternalApply-j3v2f56hwz940wlc1c3'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
End-point protection, network security, and data loss preventionAssist in building out continuous auditing processes including the use of data analyticsCollaborate closely with company peers for business and legal entity auditsAdvise internal audit and various committees on Technology risksMaintain key relationships with stakeholders across the organization, including the CIO, CISO, CTO, and othersEnsure that the IT audit function is well integrated with the overall audit programCommunicating audit findings and recommendations effectively to the Ginkgo's leadership teamMonitoring and track progress on IT audit findings and recommendationsServe as a subject matter expert for technology risk and controls frameworks, e.
gNIST, and apply them effectively in audits Role model behavior in cross-cultural awareness and ability to connect with colleagues globally in establishing and maintaining a collaborative and inclusive work environmentResponsible for driving transformation and continuous improvement in IT audit practices, processes operational activities Develop and execute a robust information security strategy aligned with organizational goals and industry best practicesAssess and prioritize security risks and formulate effective risk management strategiesCollaborate with cross-functional teams to integrate security measures into business processes and applicationsAssist in developing and maintaining information security policies, standards, and guidelinesEnsure policies are communicated effectively and consistently applied across the company Regularly review and update security documentation to reflect changes in the threat landscape and business requirementsEnsure compliance with relevant data protection laws, regulations, and industry standardsCoordinate and participate in security audits, assessments, and certification processesWork closely with legal and compliance teams to address any security-related legal and regulatory requirementsAssist incident response efforts, including investigation, containment, and resolutionConduct post-incident analysis and implement corrective actions to prevent future occurrencesEvaluate the security posture of vendors and third-party partnersEstablish and maintain a robust vendor risk management program to ensure the security of third-party relationshipsOversee the selection, implementation, and maintenance of security technologiesWork closely with the IT team to ensure that security controls are integrated seamlessly into the technology infrastructureMinimum Requirements Typically PhD with 5 years of experience; or 8 years and a Master's degree; 12 years of related experience with a Bachelor's degree in Information Systems, Cybersecurity, Cyber Risk; or an equivalent mix of education and experience 15
years of combined experience in information technology/engineering, cybersecurity, and Compliance; experience working in Life Sciences, a plus! Ability to communicate technical information to a wide variety of people in an easily understandable way Proactive approach in communicating possible risks and recommendations to mitigate A strong architectural level of understanding of software, networks, and security operations Must have real-world experience working with ITGC's and SOX controls in a publicly traded company Ability to obtain the CISSP certification in 2 years Ability to thrive and stay calm in a fast-paced, high pressure, ever-changing cyber threat environment Preferred Capabilities and Experience Experience working in the biotech space is a plusExperience working with and validating large datasets and working with Snowflake Experience managing security operations To learn more about Ginkgo, visit www.
ginkgobioworks.
com/press/ or check out some curated press below:
What is it really like to take your company public via a SPAC? One Boston biotech shares its journey (Fortune) Ginkgo Bioworks resizes the definition of going big in biotech, raising $2.
5B in a record SPAC deal that weighs in with a whopping $15B-plus valuation (Endpoints News) Ginkgo Bioworks CEO on scaling up Covid-19 testing:
'If we try, we can win' (CNBC) Ginkgo raises $70 million to ramp up COVID-19 testing for employers, universities (Boston G lobe) Ginkgo Bioworks Redirects Its Biotech Platform to Coronavirus (Wall Street Journal) Ginkgo Bioworks Provides Support on Process Optimization to Moderna for COVID-19 Response (PRNewswire) The Life Factory:
Synthetic Organisms From This $1.
4 Billion Startup Will Revolutionize Manufacturing (Forbes) Synthetic Bio Pioneer Ginkgo Raises $290 Million in New Funding (Bloomberg) Ginkgo Bioworks raises $350 million fund for biotech spinouts (Reuters) Can This Company Convince You to Love GMOs? (The Atlantic) We also feel that it's important to point out the obvious here - there's a serious lack of diversity in our industry, and that needs to changeOur goal is to help drive that changeGinkgo is deeply committed to diversity, equity, and inclusion in all of its practices, especially when it comes to growing our teamOur culture promotes inclusion and embraces how rewarding it is to work with people from all walks of lifeWe're developing a powerful biological engineering platform, so we must remain mindful of the many ways our technology can - and will - impact people around the worldWe care about how our platform is used, and having a diverse team to build it gives us the best chance that it's something we'll be proud of as it continues to growTherefore, it's critical that we incorporate the diverse voices and visions of all those who play a role in the future of biologyIt is the policy of Ginkgo Bioworks to provide equal employment opportunities to all employees, employment applicants, and EOE disability/vetPrivacy Notice I understand that I am applying for employment with Ginkgo Bioworks and am being asked to provide information in connection with my applicationI further understand that Ginkgo gathers this information through a third-party service provider and that Ginkgo may also use other service providers to assist in the application processGinkgo may share my information with such third-party service providers in connection with my application and for the start of employmentGinkgo will treat my information in accordance with Ginkgo's Privacy Policy By submitting this job application, I am acknowledging that I have reviewed and agree to Ginkgo's Privacy Policy as well as the privacy policies of the third-party service providers used by Ginkgo's associated with the application process.
Recommended Skills Accident Analysis Assessments Auditing Biology Biotechnology Business Process Improvement Apply to this job.
Think you're the perfect candidate? Apply on company site $('.
external-apply-email-saved').
on('click', function (event) window.
ExternalApply = window.
open('/interstitial?jobdid=j3v2f56hwz940wlc1c3', 'ExternalApply-j3v2f56hwz940wlc1c3'); ); Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
