Director, Information Security & Technology

Welcome to the era of Velsera! Seven Bridges, Pierian UgenTec have combined to become Velsera.

Velsera is the precision engine company. We empower researchers, scientists, and clinicians to drive precision RD, expand access to, and more effectively leverage analytics at the point of care.

We unify technology-enabled solutions and scientific expertise to enable a continuous flow of knowledge across the global healthcare ecosystem. This interweaves diverse biomedical communities, allowing them to build upon each other s success and accelerate medical breakthroughs that positively impact human health.

With our headquarters in Boston, MA, we are growing and expanding our team which located in 14 different countries!

What will you do
Lead IT Information Security managers and teams to ensure the successful design, implementation,
documentation and operation of information security and technology and general technical controls.
Oversee and drive the technical aspects of Information security Management system (ISMS), security
architecture (including respective vendors) and corporate security program.
Lead an Information Security Operations Team that support security event monitoring and incident
response, vulnerability management, management of Information Security tooling such as SIEM, EDR/XDR,
vulnerability scanner, malware protection etc.,
Lead an Information Security Product Team that support security architecture reviews for product,
application security testing such as code scanning, pen testing/ethical hacking, manage 3rd party pen tests,
educate Software Engineers and Architects.
Manage significant information security incidents across the organization.
Manage IT ender user compute including the IT Service Desk function.
Lead large IT projects, including the design and deployment of new IT systems and services.
Monitor performance of IT systems to determine cost and productivity levels, and to make
recommendations for improving the Company s overall IT infrastructure.
Define the Company s IT infrastructure strategy, architecture, and processes.
Analyze business requirements by partnering with key stakeholders across the organization to determine
the appropriate IT needs of the Company.
Assess vendors, develop strategies and maintain control over all Company hardware and software
purchases, including helping to manage renewals and terminations, where appropriate.
Mentor and coach managers and team members.
Lead Budgeting and cost control for the Information Security and Technology organization.

What do you bring to the table

Qualifications
Bachelor s degree in Computer Science, Accounting, Finance, Information Systems, Information Technology
or related field
6+ years experience in risk, controls and compliance. Plus, sufficient experience managing and/or directing
an IT operation in a high-growth environment.
Experience preferred in applying relevant technical knowledge in at least four of the following
audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP,
SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
Good understanding and technical knowledge of current network and client operating systems, hardware,
protocols, and standards, such as Windows OS, cloud platforms like O365, Azure and AWS, and common
computer hardware and desktop productivity software solutions.
Experience in IT infrastructure strategic planning and development, project management, and/or policy
development and understanding of core ITIL principles.
CISA, CISSP, CISM certifications preferred
Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
Demonstrated integrity within a professional environment
Strong written and verbal communication skills and presentation skills
Leadership, teamwork and client service skills
English language proficiency

Technology
Technical audit / controls experience: Operating Systems (Linux), Databases, Web Applications
Identity and access management (IAM) experience
Exposure to security technologies such as IDS, Firewalls, Anti-virus, SIEM, WAF, etc.
Amazon Web Services (AWS) and Google Cloud Platform (GCP)
Atlassian Suite - JIRA Confluence
Extra Credit
Experience auditing within the pharmaceutical, clinical, diagnostic, and/or healthcare industries
Master s degree
Public accounting IT risk and controls experience
Familiarity with the command line interface of multiple operating systems - Windows, macOS, Linux, etc.
Understanding of scripting languages to include the following - python, shell, ruby, perl
Corporate IT / Help desk
Docker, Ansible, Kubernetes
A sense of humor

Competencies
Managing
The ability to manage and take charge of employees in order to enhance their performance; defining targets
and providing appropriate means; controlling progress and correcting employees.
has a natural authority over other people
takes control in team meetings in which complex and opposing interests are defended
distinguishes between personal and organizational interests
brings employees career development in tune with strategic goals
gets the most out of their employees
Networking
The ability to develop and maintain relations, alliances and coalitions within and outside the organization
and to use them in order to obtain information, support and cooperation.
looks beyond cultural differences and other barriers in their search for useful contacts
contacts other departments in order to increase the chance of their own project succeeding (cooperation,
support)
uses their network (e.g. for information) to support their work
involves others in their professional networks and stimulates them to expand these
engages others in creating a broader basis for ones organization to achieve its goals
searches critically for people who could play a role in expanding their influential network
is cooperative and incorruptible, uses their network without manipulating it

People first. We create collaborative and supportive environments by operating with respect and flexibility to promote mental, emotional and physical health. We practice empathy by treating others the way they want to be treated and assuming positive intent. We are proud of our inclusive diverse team and humble ourselves to learn about and build our connection with each other.

Patient focused. We act with swift determination without sacrificing our expectations of quality. We are driven by providing exceptional solutions for our customers to positively impact patient lives. Considering what is at stake, we challenge ourselves to develop the best solution, not just the easy one.

Integrity. We hold ourselves accountable and strive for transparent communication to build trust amongst ourselves and our customers. We take ownership of our results as we know what we do matters and collectively we will change the healthcare industry. We are thoughtful and intentional with every customer interaction understanding the overall impact on human health.

Curious. We ask questions and actively listen in order to learn and continuously improve. We embrace change and the opportunities it presents to make each other better. We strive to be on the cutting edge of science and technology innovation by encouraging creativity.

Impactful. We take our social responsibility with the seriousness it deserves and hold ourselves to a high standard. We improve our sustainability by encouraging discussion and taking action as it relates to our natural, social and economic resource footprint. We are devoted to our humanitarian mission and look for new ways to make the world a better place.

Velsera is an Equal Opportunity Employer:
Velsera is proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, colour, gender, religion, marital status, domestic partner status, age, national origin or ancestry.