Senior Manager, Cyber Security Operations

Ardelyx

Job Location:

Waltham, MA - USA

Monthly Salary: $ 167000 - 205000

Posted on: 5 days ago

Vacancies: 1 Vacancy

Job Summary

Description

Ardelyx is a publicly traded commercial biopharmaceutical company founded with a mission to discover develop and commercialize innovative first-in-class medicines that meet significant unmet medical needs. Ardelyx has two commercial products approved in the United States IBSRELA (tenapanor) and XPHOZAH (tenapanor). Ardelyx has agreements for the development and commercialization of tenapanor outside of the U.S. Kyowa Kirin commercializes PHOZEVEL (tenapanor) for hyperphosphatemia in Japan. A New Drug Application for tenapanor for hyperphosphatemia has been approved in China with Fosun Pharma. Knight Therapeutics commercializes IBSRELA in Canada.

Position Summary:

The Senior Manager Cyber Security Operations is a hands-on leader responsible for building operating and continuously improving Ardelyxs security operations capabilities. This role combines technical execution with leadership requiring a player-coach who can both lead the function and actively engage in day-to-day security operations - not a purely strategic role.

This is a greenfield opportunity. As Ardelyx transitions from a managed service provider (MSP) model to an internally operated IT and security organization this individual will help build the security operations function from the ground up. The right candidate thrives in build environments is energized by consolidating a fragmented security stack onto a modern Microsoft-centric platform and can operate effectively both as an individual contributor and as a team leader. This role provides operational direction for security operations while ensuring the confidentiality integrity and availability of corporate systems data and cloud environments. The ideal candidate brings deep technical expertise operational discipline and practical leadership with the ability to communicate effectively with executives auditors engineers and cross-functional teams.

Responsibilities:

Lead and actively participate in security incident detection investigation and response across endpoint identity cloud and SaaS environments including hands-on alert triage log analysis and threat intelligence review
Lead incident response coordination with Legal HR Compliance and Communications; own post-incident reviews and drive continuous improvement of response processes
Establish and track key operational metrics (MTTD MTTR incident trends) and continuously tune detection rules playbooks and SOAR automation to reduce noise and improve signal fidelityOwn and mature the Microsoft security ecosystem - Defender XDR Microsoft Sentinel (SIEM/SOAR) and Purview - driving integration automation and unified detection and response across the environmentDesign and optimize security controls across endpoint (EDR/XDR) identity (Entra ID MFA Conditional Access) Azure AWS and SaaS applications; lead vulnerability management operations including scanning prioritization and remediation tracking
Consume and operationalize threat intelligence integrating indicators into Sentinel detection rules; develop SOAR playbooks via Logic Apps to reduce manual effort and accelerate responseInitially operate as a hands-on individual contributor while building and mentoring a team of 2 security engineers over the next 34 months; provide technical guidance and escalation support on complex issues
Ensure effective prioritization and coverage across security operations fostering a culture of operational discipline continuous learning and security awareness
Execute against the cybersecurity roadmap in alignment with business objectives; identify control gaps and implement scalable practical improvements aligned with the organizations risk tolerance
Partner with Legal Compliance and IT to support audits risk assessments and regulatory requirements including NIST CSF 2.0 ISO 27001 SOC 2 and HIPAA; contribute to security policy development and enforcement
Support third-party risk management vendor security evaluations and security platform consolidation efforts to reduce complexity and operational cost

Qualifications:

Bachelors degree in Information Security Computer Science or related field
8 years of progressive cybersecurity experience with strong focus on security operations and engineering or equivalent experience
Proven hands-on experience with the Microsoft security stack: Defender for Endpoint Defender for Identity Defender for Office 365 and Microsoft Sentinel
Demonstrated experience with identity and access management: Microsoft Entra ID MFA Conditional Access and Privileged Identity Management (PIM)Cloud security experience in Azure (required) and AWS (a plus); ability to monitor and respond to threats across hybrid cloud environments
Experience leading or building security operations programs including SIEM vulnerability management and security automation in an enterprise environment
Familiarity with compliance frameworks including NIST CSF ISO 27001 SOC 2 and HIPAAPrior experience in a player-coach capacity comfortable both leading a team and rolling up sleeves on technical execution
Strong communication skills with the ability to translate technical risk into business impact for executive and non-technical audiences
Relevant certifications preferred (CISSP CISM CRISC CCSP GCIH etc.)

The anticipated annualized base pay range for this full-time position is $167000 - $205000 Ardelyx utilizes industry data to ensure that our compensation is competitive and aligned with our industry peers. Actual base pay will be determined based on a variety of factors including years of relevant experience training qualifications and internal equity. The compensation package may also include an annual bonus target and equity awards subject to eligibility and other requirements.

Ardelyx also offers a robust benefits package to employees including a 401(k) plan with generous employer match 12 weeks of paid parental leave up to 12 weeks of living organ and bone marrow leave equity incentive plans health plans (medical prescription drug dental and vision)life insurance and disability flexible time off annual Winter Holiday shut down and at least 11 paid holidays.

Ardelyx is an equal opportunity employer.

Required Experience:

Senior Manager

DescriptionArdelyx is a publicly traded commercial biopharmaceutical company founded with a mission to discover develop and commercialize innovative first-in-class medicines that meet significant unmet medical needs. Ardelyx has two commercial products approved in the United States IBSRELA (tenapano...

Description

Position Summary:

Responsibilities:

Lead and actively participate in security incident detection investigation and response across endpoint identity cloud and SaaS environments including hands-on alert triage log analysis and threat intelligence review
Lead incident response coordination with Legal HR Compliance and Communications; own post-incident reviews and drive continuous improvement of response processes
Establish and track key operational metrics (MTTD MTTR incident trends) and continuously tune detection rules playbooks and SOAR automation to reduce noise and improve signal fidelityOwn and mature the Microsoft security ecosystem - Defender XDR Microsoft Sentinel (SIEM/SOAR) and Purview - driving integration automation and unified detection and response across the environmentDesign and optimize security controls across endpoint (EDR/XDR) identity (Entra ID MFA Conditional Access) Azure AWS and SaaS applications; lead vulnerability management operations including scanning prioritization and remediation tracking
Consume and operationalize threat intelligence integrating indicators into Sentinel detection rules; develop SOAR playbooks via Logic Apps to reduce manual effort and accelerate responseInitially operate as a hands-on individual contributor while building and mentoring a team of 2 security engineers over the next 34 months; provide technical guidance and escalation support on complex issues
Ensure effective prioritization and coverage across security operations fostering a culture of operational discipline continuous learning and security awareness
Execute against the cybersecurity roadmap in alignment with business objectives; identify control gaps and implement scalable practical improvements aligned with the organizations risk tolerance
Partner with Legal Compliance and IT to support audits risk assessments and regulatory requirements including NIST CSF 2.0 ISO 27001 SOC 2 and HIPAA; contribute to security policy development and enforcement
Support third-party risk management vendor security evaluations and security platform consolidation efforts to reduce complexity and operational cost

Qualifications:

Bachelors degree in Information Security Computer Science or related field
8 years of progressive cybersecurity experience with strong focus on security operations and engineering or equivalent experience
Proven hands-on experience with the Microsoft security stack: Defender for Endpoint Defender for Identity Defender for Office 365 and Microsoft Sentinel
Demonstrated experience with identity and access management: Microsoft Entra ID MFA Conditional Access and Privileged Identity Management (PIM)Cloud security experience in Azure (required) and AWS (a plus); ability to monitor and respond to threats across hybrid cloud environments
Experience leading or building security operations programs including SIEM vulnerability management and security automation in an enterprise environment
Familiarity with compliance frameworks including NIST CSF ISO 27001 SOC 2 and HIPAAPrior experience in a player-coach capacity comfortable both leading a team and rolling up sleeves on technical execution
Strong communication skills with the ability to translate technical risk into business impact for executive and non-technical audiences
Relevant certifications preferred (CISSP CISM CRISC CCSP GCIH etc.)