Join our companies in their quest to drive powerful, positive, change that endures.

Head of Cybersecurity

Altos Labs

Altos Labs

IT
San Francisco, CA, USA
Posted on Wednesday, July 26, 2023

Our Mission

To restore cell health and resilience through cellular rejuvenation programming to reverse disease, injury, and the disabilities that can occur throughout life.

Diversity at Altos

We believe that diverse perspectives are foundational to scientific innovation and inquiry.

We are building a company where exceptional scientists and industry leaders from around the world work side by side to advance a shared mission.

Our intentional focus is on Belonging, so that all employees know that they are valued for their unique perspectives.

At Altos, we are all accountable for sustaining a diverse and inclusive environment.

Who You Are

Altos Labs is looking for an experienced and dynamic leader to oversee our cybersecurity initiatives, which include IT security, policies, protocols, and procedures to ensure the safety of the company’s employees, assets, and facilities. The ideal candidate will possess a strong technical background and have extensive experience in managing and implementing diverse IT security controls to address the current landscape of cybersecurity threats. The Cybersecurity leader will account for the development and implementation of an Altos-wide Cybersecurity program to protect, monitor, respond to, and inform on the availability, integrity, and confidentiality of data, applications, and infrastructure. Responsibility includes network security across our data centers, cloud infrastructure, and mobile workforce.

What You Will Contribute to Altos

Responsibilities

  • Lead the IT Security team in day-to-day operations, providing technical guidance, and ensuring continuous team development.
  • Understand our business and our culture. Collaborate with key stakeholders to align IT security with the overall business objectives. Provide guidance and training to our employees on Cybersecurity risks and best practices.
  • Develop, implement, and monitor comprehensive internal and external IT security policies and procedures to ensure the confidentiality, integrity, and availability of all data in partnership with Compliance. In addition, this role will work very closely with the Compliance team at Altos and provide input on compliance policies and programs where applicable.
  • Identify potential risks and vulnerabilities in the system and create strategic response plans to mitigate them.
  • Conduct regular system reviews to ensure the smooth and efficient operation of security infrastructure. Work internally and with 3rd parties’ auditors to preempt, mitigate, and swiftly respond to any audit findings that require action.
  • Provide technical expertise and guidance in establishing and maintaining network architecture and infrastructure. Design, configure, and document Altos’ Firewalls, IDS, IPS, proxy, cloud access and encryption, DMZ architecture, SIEM, logging, anti-virus and anti-malware, endpoint detection and response, host-based firewall, application whitelisting, file integrity monitoring, and data loss prevention.
  • Establish disaster recovery procedures and business continuity plans, and conduct drills to ensure the effectiveness of these procedures.
  • Keep abreast of the latest security and technology developments to ensure that the company's IT infrastructure is up-to-date and secure.
  • Handle the selection and negotiation of IT-related contracts and vendors for cybersecurity services.
  • Lead incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches.
  • This is a full-time position and may require occasional travel. The nature of the role may require availability outside standard office hours to respond to critical incidents or emergencies.

Qualifications

  • Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar from a recognized body (e.g., SANS, ISC2, ISACA) are preferred.
  • Extensive knowledge of healthcare regulations, drug development processes, and patient privacy laws like HIPAA is essential. Familiarity with regulations, including GDPR and CCPA, and compliance frameworks such as SOC 2, is required.
  • Comprehensive understanding of network architecture, database security, security systems, and latest security protocols and procedures.
  • Proven experience with Incident Response planning and execution. Including red team/ blue team exercises.
  • Must have demonstrated technical hands-on experience implementing security initiatives that require partnerships with other IT areas and business units.
  • Strong knowledge of cybersecurity risk management and IT governance.
  • Excellent problem-solving and leadership skills, with the ability to guide and motivate a team.
  • Proven experience with change management and leading an organization through change.
  • Excellent verbal and written communication skills. Ability to present/communicate to senior leadership and board as needed.
  • Flexibility to adjust to changing priorities, timelines, and international time zones.

Education and Experience

  • BS in IT Security, Computer Science, or Engineering is required, and MS is preferred.
  • 15+ years of IT security and network technical and professional experience are required. Life Sciences and/or Pharma experience is preferred.
  • Experience applying HIPAA, GDPR, CCPA, and SOC2 regulations to cybersecurity, creating policies to protect sensitive health data, and ensuring regulatory compliance.
  • Experience with Cybersecurity in the Cloud and SaaS applications is required. AWS experience is preferred.

The salary range for this position is $289,000 to $391,000

#LI-LY1

What We Want You To Know

We are a culture of collaboration and scientific freedom, and we believe in the values of diversity, inclusion and belonging to inspire innovation.

Altos Labs provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Altos currently requires all employees to be fully vaccinated against COVID-19, subject to legally required exemptions (e.g., due to a medical condition or sincerely-held religious belief).

Thank you for your interest in Altos Labs where we strive for a culture of scientific freedom, learning, and belonging.

Note: Altos Labs will not ask you to download a messaging app for an interview or outlay your own money to get started as an employee. If this sounds like your interaction with people claiming to be with Altos, it is not legitimate and has nothing to do with Altos. Learn more about a common job scam at https://www.linkedin.com/pulse/how-spot-avoid-online-job-scams-biron-clark/