Job Opportunity

Director of Information Security

Location: San Diego, CA, US
Department: Facilities / IT
Employment Type: Full Time
Reference Number: 2043114

Position Summary

Mirati Therapeutics is seeking an experienced Director of Information Security to lead our information security function. The Director of IT Security is the leading advocate for Information Security and is responsible for the development and delivery of a comprehensive information security strategy to advance the security posture of the organization and ensure information assets are adequately protected. The Director of IT Security leads the development and implementation of a comprehensive security program, oversees information security governance, identifies business risks most relevant to the company, advises senior leadership on security direction and resource investments, creates appropriate policies to manage information security, implements effective practices for security awareness and is responsible for identifying, evaluating and reporting on information security risks in a manner that meets business, compliance and regulatory requirements. This position requires a leadership approach that is engaging, collaborative and business driven with the strong ability to work with other executive leaders to best balance between business, security and IT priorities. The Director of IT Security will report into the Vice President of Information Technology and will serve as a member of the IT leadership team.

Responsibilities

  • Creates, implements, and evolves a risk-based IT Security strategy
  • Establishes and maintains a comprehensive organization-wide information security program to ensure that information assets are adequately protected against current, future, internal, and external threats
  • Leads the development, execution, assessment and continuous improvement of the information security and compliance program - architecture, security operations, controls, policies, incident response, information classification; maps organization risk, regulatory and contractual requirements to established controls and mitigation methods to ensures the organization is operating in a manner that satisfies audit requirements and meets program target objectives
  • Manage the Enterprise IT Security service through our partners, directing tasks, setting goals and expectations, ensuring high performance and productivity, ensuring effective customer service and education, and evaluating performance
  • Develops, identifies, directs, coordinates, evaluates, and reports on information security risks in a manner that meets compliance, regulatory, and contractual requirements while enabling the organization by developing a structured incident response program to minimize the impacts of information security risk and incidents
  • Managed investigations and forensics in the event of an incident to determine root cause, deal with those responsible parties as appropriate, and advance controls and governance to reduce the likelihood of recurrence
  • Act as the key liaison and focal point in the organization for information security communications and projects; in addition, provides operational oversight of application security, cloud security, data protection, and incident response program and security operations
  • In coordination with the management, creates and implements a risk management framework to ensure the appropriate application of controls based on risk. Consult with business owners regarding their information security risks and responsibility in minimizing those risks
  • Defines, identifies and classifies critical information assets, assess threats and vulnerabilities regarding those assets and implement safeguard recommendations
  • Continuously and extensively reaches out externally to understand the latest cyber security threats, risks, innovations, risk management approaches and industry benchmarks; maintains a strong and current understanding of the threat landscape for the industry and Mirati
  • Ensures that Mirati complies with laws and regulations (e.g. HIPAA, privacy laws, SOX, etc.)
  • Responsible for the development and implementation of a companywide security awareness training program
  • Trains and oversees personnel with significant responsibilities for information security to ensure that our technology is aligned with that strategy, and that owners understand their roles and responsibilities with respect to keeping Mirati systems secure

Required Experience

  • A Bachelor's Degree; or equivalent combination of education and experience.
  • Professional experience of 15+ years in Information Technology and 10+ years of experience in Information Security, 5 of those in leadership roles
  • Knowledge and working experience with threat & vulnerability management, penetration testing, incident response, industry security standards and practices, application security, security audit/review processes and applying corporate and federally mandated policies
  • Demonstrated ability to protect and enable the business while being a respected information security advisor to senior management, as well as to IT operations, operating groups, technical staff, and project management, and the skills to interface across several channels to proactively assist in defining solutions, direction, specifications and architectural principles
  • In-depth, up-to-date and broad knowledge of the Information Security field is required, including all major communications and computing technologies and trends, including significant domestic and international exposure
  • Strong leadership skills and ability to build a security program from the ground up including the hiring of qualified staff
  • Ability to build, manage, and maintain budget for IT security function
  • Candidates must have a strategic view of information security and be able to successfully achieve specific tactics
  • Extensive knowledge of principles, regulations, technical architectures, control processes and assurance practices for security
  • Working knowledge of industry standards - NIST, ISO 27001/2, ITIL, COSO, COBIT, Cloud Security Alliance, US and global privacy/data protection laws
  • CISSP or other industry recognized security certification (such as CISM, GIAC and CISA, CCSK) is required
  • Well-developed written and oral communication, security awareness training, , and customer engagement skills
  • Strong critical thinking skills capable of managing numerous information sources and providing data driven recommendations to senior management
  • Ability to engage, collaborate and influence at executive level
  • Ability to adapt to a dynamic business landscape and changing priorities
  • Delivery of metrics which demonstrate program progress, gaps and trend analysis
  • Role will be based at Company HQ in San Diego and requires COVID-19 vaccination or weekly negative COVID-19 test results.

Preferred Skills

  • Healthcare/biotech/pharmaceutical experience strongly preferred
  • Understanding of risk frameworks and data privacy
  • Experience with software as a service (SaaS) software, Platform as a service (PaaS), Infrastructure as a service (IaaS) or related cloud security
  • Experience with computers systems validation and environments regulated by the FDA
  • Experience with computer network validation and laboratory environments
  • Experience with assessing third party vendors' environments
  • Working knowledge of Project Management discipline and process
  • Understanding of Secure SDLC methods

About Mirati Therapeutics

Mirati Therapeutics is a late-stage biotechnology company whose mission is to discover, design and deliver breakthrough therapies to transform the lives of patients with cancer and their loved ones. The company is relentlessly focused on bringing forward therapies that address areas of high unmet need, including lung cancer, and advancing a pipeline of novel therapeutics targeting the genetic and immunological drivers of cancer. Mirati is using its scientific expertise to develop novel solutions in two registration-enabling programs: adagrasib (MRTX849), an investigational small molecule, potent and selective KRAS G12C inhibitor, as monotherapy and in combination with other agents, and sitravatinib, an investigational spectrum-selective inhibitor of receptor tyrosine kinases in combination with checkpoint inhibitor therapies. Mirati is also advancing its differentiated preclinical portfolio, including MRTX1133, an investigational KRAS G12D inhibitor, and other oncology discovery programs. Unified for patients, Mirati's vision is to unlock the science behind the promise of a life beyond cancer.

For more information about Mirati Therapeutics, visit us at Mirati.com or follow us on Twitter and LinkedIn. 

Why Join?

At Mirati, we have an unapologetic and relentless focus on our mission to transform the lives of patients with cancer and their loved ones. Patients and their families motivate us to work smarter, faster and better. We are driven by the knowledge that our efforts can one-day deliver life-saving therapies for the people who need us most. Urgency, open-mindedness, accountability and collaboration ground our work. These shared values are central to who we are, what we do and how we do it.

Our people fuel our success. They are fearless and passionate in their daily pursuit of our mission. We are committed to continuing to create a company and experience that attracts and keeps the best people. When you want your days to count and the work you do to matter, discovering and delivering potentially life-changing therapies is more than a job, it's the chance to be part of something bigger.

We believe diverse professional experiences and an inclusive culture can drive better outcomes for patients. We want employees to be authentic and use their perspectives to contribute to our mission in a meaningful way.

Mirati cultivates an environment where:

  • An entrepreneurial attitude is encouraged
  • Our people are empowered to speak up, embrace the gray and achieve solutions
  • Diverse experiences are an important of part making the best decisions
  • We laugh and have fun as a work family

No matter the role, we are unified by our passion for helping patients, and are inspired by a single vision - to unlock the science behind the promise of a life beyond cancer. Together, we own Mirati's success.

Learn more at Mirati.com/careers.

Mirati is an Equal Opportunity Employer (EOE) - we celebrate diverse experiences without regard to race, color, religion, creed, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.

Notice to Third Party Agencies: Please note that Mirati Therapeutics Inc. does not accept unsolicited resumes from recruiters or employment agencies.