Director, Information Security (EDG-2026006)

Director, Information Security

About Edgewise Therapeutics:

At Edgewise, we are on a mission to discover new medicines that improve the lives of patients facing serious muscle disease. Our intimate knowledge of muscle biology and biophysics along with our ability to identify and design muscle specific precision small molecules have enabled us to rapidly advance our skeletal muscle and cardiac muscle product candidates into the clinic while also building a robust pre-clinical pipeline. With this focus on therapeutics designed to protect and improve muscle health, our goal is to dramatically enhance the lives of people living with progressive muscle disorders.

We have assembled an experienced and highly motivated leadership team with a strong track record in the biotechnology and pharmaceutical industry to build the leading, global muscle disease biopharmaceutical company. Come join us make a significant difference in the lives of patients

About the Position:

This position will be responsible for implementing security tools and policies, vetting and auditing vendors, managing our info security landscape, installing security software, and documenting any security issues or breaches. This position will be the main point of contact for managing IT security. This position will work within the IT team and across the organization to develop and lead information security strategy, implement information security policies, notifications, and trainings. This is a full-time position reporting to the Vice President, Head of IT/IS and is located at our corporate headquarters in Boulder, CO.

Essential Job Duties and Functions:

• Lead information security practices and monitor computer applications and networks for security issues.
• Develop and communicate security plans for best standards and practices for the company.
• Investigate security breaches and other cybersecurity incidents.
• Develop strategies and make recommendations to the Head of IT/IS and senior executives about security advancements to best protect the company's systems.
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Ownership of company incident response plan. documentation of security breaches and damage assessment.
• Lead the IT team in performing tests and uncover network vulnerabilities.
• Fix detected vulnerabilities to maintain a high-security standard.
• Evaluation of new applications from a security perspective
• Stay current on IT security trends and news.
• Vetting and auditing of software vendors and suppliers
• Perform/Coordinate penetration testing.
• Help colleagues install security software and understand information security management.
• Align security solutions with internal data and systems governance requirements.
• Maintain best practices in cybersecurity compliance for GxP systems, HIPAA security rule, GDPR and other industry regulations.
• Read, understand, and comply with all workplace health and safety policies; safe work practices; and company policies and procedures.
• Perform other duties as assigned by supervisor.

Required Education, Experience and Skills:

• Bachelor's degree in computer science or related field with a minimum of ten (10) years in Information Security with 5+ years of leading information security with proven experience developing information security policies; biotech / pharma experience preferred.
• Security Certifications (such as CompTIA Security+, CISM etc.)
• Deep understanding of IT security principles, frameworks (e.g., NIST, ISO 27001), and best practices.
• Corporate Experience in Windows environments.
• Experience in Microsoft Security tools and other vendors such as SentinelOne, Zscaler, Avanan, Proofpoint and other security tools
• Experience in securing and monitoring Amazon cloud environments.
• Experience with computer network penetration testing and techniques.
• Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Ability to mitigate network vulnerabilities and explain how to avoid them.
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
• Excellent verbal and written communication skills.
• Strong working knowledge of MS Office.

Working Conditions and Physical Requirements

• Occasional evening and weekend work may be required.
• Ability to rapidly respond to any security events
• This role is based out of the corporate office in Boulder, CO

Salary range: $220,000 - $250,000, title and salary commensurate with experience

Our Benefits: We are proud to offer health benefits, a discretionary bonus plan, stock option grants. a stock purchase plan, a 401(k) with match and paid time off to our team members as part of their compensation plan.

There is no deadline because the employer accepts applications on an ongoing basis.

Edgewise does not accept resumes from recruitment agencies for this position. Please do not send resumes to Edgewise employees or the company location. Edgewise is not responsible for any fees related to unsolicited resumes.