Manager, IT Security
Arvinas is a clinical-stage biopharmaceutical company leading the way in targeted protein degradation therapeutics. Arvinas is the first company to focus solely on protein degradation and its platform technology is the most advanced in the field. Since its founding in 2013, Arvinas’ PROTAC® Discovery Engine has been driving the most significant breakthroughs in the industry. Arvinas’ pipeline encompasses a range of validated and undruggable targets in oncology, immuno-oncology, and neuroscience. This includes two clinical-stage programs: ARV-110, which is being developed as a potential treatment for men with late-line metastatic castrate-resistant prostate cancer, and ARV-471, which is being developed as a potential treatment for patients with breast cancer.
#TeamArvinas is made up of more than 200 passionate and curious employees, whose diverse thoughts and perspectives are highly valued. Arvinas employees embrace the freedom to pursue innovation, think creatively, and give back. They are driven by the company’s values and purpose – to improve the well-being of patients and families impacted by the devastating diseases Arvinas is working to treat. It’s an exciting time to be in drug development and it’s an exciting time to be at Arvinas. But don’t just take our word for it – here’s what Arvinas employees are saying. For more information, please visit www.arvinas.com.
Arvinas is seeking an experienced IT Security Manager to take lead on technical security projects and ensure the enterprise infrastructure is stable, available, and designed to best practices. This role has a primary focus on ensuring the security and networking technologies we use are deployed and utilized appropriately. In addition, the position will work with peers and IT leadership to manage and report on success metrics and help determine new technologies to onboard, such as datacenter infrastructure, cloud services or third-party solutions. This position currently will have one Security Engineer reporting to them with potential to add more direct reports in the future, along with managing a third party Security Operations Center team.
This position reports to the Director, Infrastructure, Operations and Security and will be located at our headquarters in New Haven, CT. Most activities can be conducted remotely, but onsite once a week is preferred.
Key responsibilities of this role include, but are not limited to:
- Whitehat internal testing and remediation
- Vulnerability Management and remediation via Tenable, CrowdStrike or other
- CyberArk Application Request approvals, management, and support
- Zscaler ZPA and ZIA Support Requests, management, and support
- Review Email alerts for Security, Infrastructure, and Backup issues
- Patch Management via WSUS, Zscaler, CyberArk and other apps to ensure latest versions
- Third Party Security Reviews
- Penetration Testing and Planning via third parties
- Active Directory Auditing and Reporting
- Azure Cloud Security Management
- Network Segregation and Security Architecture
- Assist in Authoring policies surrounding BYOD, Incident Response, Disaster Recovery
- KnowBe4 Phishing Campaigns, Cyber Security Awareness Training and Management
- Office365 Data Loss Prevention
- Management of SAML Applications such as OKTA
- CASB Management
- Third Party SOC Engagement
- Lead Security Projects
- Partners with business and IT teams to identify and resolve system problems and identify potential system and process improvements.
- Evaluates vendors and solutions to address business requirements. Participates in vendor selection, contract negotiation, and the development of statements of work.
- Perform hands-on solution design, prototyping, proof-of-concepts, process design and development tasks as required in support of current and new projects.
- Key contributor in developing the IT security roadmap.
- Performs other duties as assigned.
- 8+ years’ experience in IT, with the desired candidate having experience in life sciences
- Experience in IT Security capabilities/applications from concept to delivery within life sciences
- Experience providing IT Security application support and maintenance
- Very strong business analysis skills
- Very strong technical troubleshooting and problem-solving abilities
- Excellent task management and prioritization skills
- Ability to correlate security data and generate governance reports
- Excellent written and verbal communication skills
- Knowledge of the following is Required: CrowdStrike, Microsoft Azure, Microsoft 365 Stack, CyberArk, Tenable, SOC Services, Zscaler ZPA and ZIA, Network Security, Active Directory, DNS, and foundational infrastructure components.
- Knowledge of the following is Desired: AWS, VMWare, Familiarity with NIST 800-53 or other Cyber Security Frameworks
- Bachelor’s degree in Computer Science, Computer Information Management Systems or related IT discipline desired
- One or more of the following are required:
- CEH: Certified Ethical Hacker
- CISM: Certified Information Security Manager
- CompTIA Security+
- CISSP: Certified Information Systems Security Professional
- CISA: Certified Information Security Auditor
Arvinas is proud to offer a competitive package of base and incentive compensation as well as a comprehensive benefits program designed to support the health, wellness and financial security of our employees and their families. Benefits include group medical, vision and dental coverage, group and supplemental life insurance, and much more. To learn more about Arvinas, please visit www.arvinas.com
Arvinas is an Equal Opportunity employer