Associate Director, IT Security jobs in United States

CareDx, Inc. · 1 day ago

Associate Director, IT Security

CareDx, Inc. is a leading precision medicine solutions company focused on the discovery, development, and commercialization of healthcare solutions for transplant patients. The Associate Director, IT Security will blend business and technical knowledge to support the company’s cybersecurity program, manage security controls, and mentor a security team.

Biotechnology, Health Care, Health Diagnostics, Information Technology
No H1B

Responsibilities

Security operational and governance focus. Ensuring the business stays aligned with applicable risks and regulatory requirements
Ensure cybersecurity strategy and road map are in alignment with industry, threats, audit gaps, and best practices. Keep maturity efforts on-track
Develop, document, manage and improve security controls across all departments
Support configuration management by providing security best practice configuration recommendations
Support secure application development through Dev/Sec/Ops
Ensure compliance to security policies, standards and processes
Provide audit support through activities such as quarterly user role and access reviews, ensuring alignment with role and access matrices, and working with external auditors
Conduct third-party risk management through risk assessments and provide recommendations
Provide risk management activities by qualifying and performing internal risk assessments and risk treatment recommendations
Assist in the development, delivery, training and administration of security awareness programs to the workforce
Ability to operate security tools, e.g. Endpoint protection, Web filtering, VM, MDM, SIEM, DLP, etc
Collect and gather metrics from tools and teams for security reporting. Prepare and present reports to security committee and leadership
Support and lead cybersecurity incident response efforts
Manage DR and BCP programs
Manage IT security budget
Other duties as assigned

Qualification

NIST CSF, SOC 2 audit, HIPAA risk assessments, Cloud security, Application security, IDR tools, EDR tools, SIEM tools, Azure Security Center, Project management, Communication skills, Team collaboration, Detail-oriented

Required

Bachelor's degree in business, Computer Science, Engineering or related discipline or equivalent experience
8 years in an IT security leadership role required, or related technical leadership experience
Solid understanding of the NIST CSF cybersecurity framework, including the ability to apply appropriate identification, protection, detection, response, and recovery capabilities
Experience managing SOC 2 audit efforts and HIPAA risk assessments
Business analyst and/or audit experience encompassing information technology systems and security controls
Understanding of application security disciplines, exploits, and frameworks such as OWASP
Working knowledge of directory services, application development, and infrastructure (networks, server and end computing devices) as required to ensure compliance with information security controls
Experience with IDR, EDR, PAM, SIEM and NAC tools
Experience providing technical oversight on managed, or internal, security services including endpoint protection, vulnerability assessments, patch management, log management, and perimeter controls
Office 365 (O365) experience focusing on security best practices and configuration
Azure experience focusing on Security Center, best practices, and configuration
Experience working with application development teams (DevOps)
A broad range of exposure to business continuity, systems analysis and risk management
Project or engagement management experience with the ability to manage multiple and complex priorities across cross-functional teams
Takes initiative on improvements and proposes solutions to security and audit gaps
Ability to handle multiple tasks and projects simultaneously in an organized and timely manner
Detail-oriented, with the ability to plan, prioritize, and meet deadlines in a fast-paced environment
Ability to communicate professionally and effectively, both in writing and verbally, particularly when under pressure
Ability to work independently, as well as part of a team

Preferred

Experience with cloud provider security concerns and documenting risk treatment initiatives is highly preferred
Experience with CrowdStrike, Arctic Wolf, Abnormal Security, Microsoft Purview a plus

Benefits

Competitive base salary and incentive compensation
Health and welfare benefits, including a gym reimbursement program
401(k) savings plan match
Employee Stock Purchase Plan
Pre-tax commuter benefits
Living Donor Employee Recovery Policy that allows up to 30 days of paid leave annually to a full-time employee who makes the selfless act of donating an organ or bone marrow.

Company

CareDx, Inc.

CareDx, Inc., headquartered in South San Francisco, is a precision medicine company focused on the discovery, development, and commercialization of clinically differentiated, high-value healthcare solutions for transplant patients and caregivers.

Funding

Current Stage
Public Company
Total Funding
$574.89M
Key Investors
Bristol-Myers Squibb, Sprout Group
2021-01-21 · Post-IPO Equity · $164M
2020-06-09 · Post-IPO Equity · $117.1M
2018-11-13 · Post-IPO Equity · $52.8M

Leadership Team

John Hanna
President and CEO
Nathan Smith
Chief Financial Officer
Company data provided by crunchbase