Sr. Information Security Administrator

San Francisco, CA, United States
Sep 04, 2019
Biotech Bay
Required Education
Bachelors Degree
Position Type
Full time
Position Overview

The Sr. Information Security Administrator is a key position in the Nektar IT department.

The Sr. Information Security Administrator will be responsible for managing the existing systems responsible for securing the enterprise, as well developing and maintaining an ongoing security assessment and roadmap to ensure Nektar's multi-layered security infrastructure anticipates and matches emerging threats. Participates in new system implementations and vendor evaluations to ensure new system implementations adhere to the established security policies and practices. This job contributes to and supports the company's research and development efforts to create high value therapeutics to address unmet medical needs.

Proactively applies professional concepts to contribute to development of company's concepts and principles and to achieve objectives in creative and effective way. Provides guidance on extremely complex problems in which analysis of situations or data requires an evaluation of intangible variables. Exercises independent judgment in developing methods, techniques and evaluation criteria for obtaining results.

Ensures the confidentiality, integrity, and availability of Nektar's systems through proactive management of Nektar's security infrastructure with a focus on automating and leveraging analytics driven security models. Provides appropriate notification to IT management of security events and mitigation plans as appropriate. Develops and maintains a standards based (NIST/SO/IEC 27001) security assessment of Nektar's security capability and use these in combination with the emerging threat landscape to develop a security roadmap to guide the ongoing evolution of Nektar's security systems. Reviews, revises and develops security processes, SOPs, and end user training. Develops and maintains security architecture standards for reference and use by IT project teams. Implements and manages a technology vendor risk management program including initial assessments and recommendations on risks and mitigation prior to implementation as well as on going monitoring. Documents data flows of sensitive information in the organization (e.g., PII or ePHI) and recommends controls to ensure that this data is adequately secured (e.g., encryption and tokenization). Validates Security technologies configurations and access for best practices and recommend changes to enhance security and reduce risks. Liaises with the security steering team to review and evaluate the design and operational effectiveness of security-related controls also support the testing and validation of security controls. Works with IT teams to document storage and transmission of sensitive information and provide architecture and requirements to ensure that this data is secured in accordance with Nektar policy, laws, and regulations. Works on and may lead other projects as assigned.

A minimum of a Bachelors degree in a Computer Science, Information Systems, Cyber-Security Tools and Methodologies, Networking, Management Information Systems including Cloud Based services or related discipline is required. Equivalent experience may be accepted. A minimum of 10 years industry work experience is required. Previous experience working in the Pharmaceutical or Biotechnology industry is preferred. CISSP certification is preferred. Must have direct, hands-on experience managing a security infrastructure — e.g., Next Gen firewalls, IPSs, endpoint protection, Email Security, DLP, CASB, SIEM, SSO, MFA, VPN etc. Direct, hands-on experience or a strong working knowledge of vulnerability management tools required. Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services. Full-stack knowledge of all layers of Enterprise: Applications, Databases, Operating systems, Hypervisors, IP networks, Storage networks, Backup networks and media; Direct experience designing IAM solutions: Active Directory, LDAP, AWS IAM, etc. Well developed customer service skills and proven customer service experience is a must. Strong communication skills both oral and written are required. Excellent organizational skills are required. Detail oriented and excellent documentation skills are required. Ability to effectively multi task is required. Must have extended project work experience. Ability to effectively train others in the group and be an active participant in standards setting and document creation.

We are an Equal Opportunity Employer and do not discriminate against applicants due to race, ethnicity, gender, veteran status, or on the basis of disability or any other federal, state or local protected class. Nektar Therapeutics will consider for employment qualified applicants with criminal histories in the manner proscribed by the San Francisco Fair Chance Ordinance.