1 Vacancy
Sr. Manager IT Security Compliance & Infrastructure
Location: Onsite in Palo Alto CA or Princeton NJ
About Summit:
Ivonescimab, known as SMT112, is a novel, potential first-in-class investigational bispecific antibody combining the effects of immunotherapy via a blockade of PD-1 with the anti-angiogenesis effects associated with blocking VEGF into a single molecule. Ivonescimab displays unique cooperative binding to each of its intended targets with multifold higher affinity when in the presence of both PD-1 and VEGF.
Summit has begun its clinical development of ivonescimab in non-small cell lung cancer (NSCLC) with three active Phase III trials:
Ivonescimab is an investigational therapy that is not approved by any regulatory authority in Summit's license territories, including the United States and Europe. Ivonescimab was approved for marketing authorization in China in May 2024. Ivonescimab was granted Fast Track designation by the US Food & Drug Administration (FDA) for the HARMONi clinical trial setting.
Overview of Role:
As the Senior Manager, Security Compliance & Infrastructure, the candidate will be responsible for establishing and leading the Information Technology security program while also supporting core infrastructure operations. This includes designing, implementing and managing security policies, processes and controls in alignment with GxP and regulatory requirements, as well as ensuring the stability, scalability and efficiency of our Microsoft cloud-based infrastructure. The ideal candidate will bring proven expertise in security along with hands-on experience in GxP processes and validated systems.
Role and Responsibilities:
Establish and lead the Information Technology security program in alignment with the NIST Cybersecurity Framework (CSF).
Collaborate with technical and non-technical partners to ensure policies, procedures, work instructions and practices are compliant with various regulatory authorities, including but not limited to SOX, FDA pharmaceutical industry validation (GxP) and 21 CFR Part 11, HIPAA, EU data privacy (GDPR), NIST Cyber Security Framework (CSF), etc.
Scale and optimize Microsoft security tools (Defender, Purview, Sentinel, Intune, Entra ID, etc.) for threat protection, identity management and data governance.
Lead data privacy and protection initiatives, ensuring proper controls for sensitive clinical, R&D and regulated data.
Develop and enforce policies for responsible AI use within the organization, ensuring compliance, data security and ethical application of AI technologies.
Conduct and lead risk assessments, vulnerability management and incident response programs.
Ensure readiness for internal and external audits including FDA/EMA inspection support for GxP-regulated systems.
Lead and advise on system validation practices for all GxP systems.
Manage the Change Control Board (CCB) and all related lifecycle changes to systems to ensure effective controls and compliance.
Drive security awareness training and culture across the organization.
Maintain and pursue relevant security certifications (NIST-focused, CISSP, CISM, CISA, Microsoft security certifications) to enhance organizational credibility and maturity.
Support and enhance the Microsoft cloud environment (Azure, Microsoft 365, Intune, Teams, SharePoint).
Partner with the infrastructure team to manage identity, networking, collaboration platforms and endpoint operations.
Ensure patching, upgrades and operational stability across cloud services and SaaS applications.
Collaborate on projects that improve scalability, performance and resilience of IT systems.
Contribute to vendor evaluation, license management and technology optimization.
All other duties as assigned.
Experience, Education and Specialized Knowledge and Skills:
Bachelor's degree in Computer Science, MIS, Software Engineering or similar strongly preferred.
Minimum of 8 years of IT experience with at least 2 years in security leadership roles.
A hands-on self-starter with managerial/leadership experience and a demonstrated ability to interact with technical and non-technical staff, various levels of management and external parties to accomplish goals and objectives.
Proven experience in the pharmaceutical / biopharma industry with strong knowledge of compliance frameworks (GxP, HIPAA, GDPR, 21 CFR Part 11 and biopharma IT compliance needs).
Hands-on experience with GxP systems and processes including validation documentation and audit readiness.
Strong understanding and practical application of the NIST Cybersecurity Framework (CSF).
Preferred relevant certification in security or compliance such as CISSP, CISM, CISA, NIST CSF, CEH, Security or Microsoft Security certifications (Azure Security, Security Operations Analyst or equivalent).
Demonstrated expertise in Microsoft cloud security and infrastructure (Azure AD/Entra ID, Microsoft 365, Intune, Defender, Purview, Sentinel).
Experience in developing and enforcing data privacy, protection and governance policies for sensitive clinical, R&D and regulated data.
Proven ability to develop SOPs, IT policies and governance frameworks that align with regulatory and organizational needs.
Knowledge of AI security risks and compliance considerations, with experience in defining policies for responsible AI use in an enterprise or regulated environment.
Strong background in incident response, risk assessments and vulnerability management.
Excellent collaboration skills with the ability to work cross-functionally with IT, R&D, Clinical, QA and Compliance teams.
Outstanding communication, leadership and vendor management abilities.
The pay range for this role is $153,000-$180,000 annually. Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications and specific work location. This may be different in other locations due to differences in the cost of labor. The total compensation package for this position may also include bonus, stock, benefits and/or other applicable variable compensation.
Summit does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact Summit's Talent Acquisition team at to obtain prior written authorization before referring any candidates to Summit.
Required Experience:
Senior Manager
Full-Time