Associate Director, Information Security

  • Watertown, MA, USA
  • Full-time

Company Description

Kala is a biopharmaceutical company focused on the development and commercialization of therapeutics using its proprietary AMPPLIFYTM mucus-penetrating particle (MPP) Drug Delivery Technology, with an initial focus on the treatment of eye diseases. Kala has applied the AMPPLIFY Drug Delivery Technology to a corticosteroid, loteprednol etabonate (LE), designed for ocular applications, resulting in recently approved INVELTYSTM for the treatment of inflammation and pain following ocular surgery and its lead product candidate, KPI-121 0.25%, for the temporary relief of the signs and symptoms of dry eye disease, for which a New Drug Application (NDA) has been filed with the United States Food and Drug Administration (FDA) and a target action date under the Prescription Drug User Fee Act (PDUFA) has been set for August 15, 2019.

Job Description

  • Manage and ensure effectiveness of security solutions, including firewalls, anti-virus solutions, and intrusion detection systems
  • Establish and maintain regular written and in-person communications with the organization’s executives, decision-makers, stakeholders, department heads, and end users regarding pertinent network activities
  • Manage and coordinate activities of our security service provider (monitor computer networks for security issues)
  • Investigate security breaches and other cyber security incidents, Document security breaches and assess the damage they cause and report findings to head of IT
  • Coordinate the installation of security measures and coordinate activities to protect systems and information infrastructure, including firewalls and data encryption programs
  • Work with security services provider to perform tests and uncover network vulnerabilities
  • Fix detected vulnerabilities to maintain a high-security standard
  • Stay current on IT security trends and news
  • Develop company-wide best practices for IT security
  • Perform penetration testing
  • Research security enhancements and make recommendations to management
  • Stay up-to-date on information technology trends and security standards
  • Security awareness and training for the organization
  • Vendor reviews and assessment
  • SOX compliance administration
  • Physical security oversight

Qualifications

  •  7+  years of experience managing and configuring enterprise-wide LANs, WANs, WLANs, VPNs, etc.
  • Work experience within ITIL Service Model is a plus
  • Prior experience in the Bio-tech industry is preferred
  • Excellent knowledge of current protocols and standards, including Active Directory, Group Policies, MS Exchange, Core Switching/Routing, SSL/IPSec, SAN, Virtualization, Business Continuity, Disaster Recovery
  • Experience in interpreting the applicability of local and federal laws/regulations (including data privacy practices and laws) to company operations
  • Bachelor's degree in computer science or related field
  • Technical degree in computer technology or related field
  • Experience in information security or related field
  • Experience with computer network penetration testing and techniques
  • Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact
  • Good understanding of the organization’s goals and objectives
  • Strong interpersonal, written, and oral communication skills
  • Able to conduct research into networking issues and products as required
  •  Ability to prioritize and execute tasks and make sound decisions in emergency situations
  • Ability to present ideas in a user-friendly language
  • Highly self-motivated and directed
  • High attention to detail
  • Proven analytical and problem-solving abilities
  • Strong customer service orientation
  • Experience working in a team-oriented, collaborative environment

 

Additional Information

All your information will be kept confidential according to EEO guidelines.