ROIVANT SCIENCES LTD
Senior Cybersecurity Architect
ROIVANT SCIENCES LTD, New York, New York, us, 10261
Roivant's mission is to systematically reduce the time, cost, and risk of delivering new medicines to market by accelerating the development of promising drug candidates to improve the lives of patients and their families. Since its inception in 2014, Roivant has achieved the following critical milestones in support of its vision: built over 20 portfolio companies (Vants); 5 successful IPOs; 10 consecutive positive phase 3 trials; 6 FDA approvals; >10$B in global pharma partnerships and proceeds; expanding pipeline of assets across various modalities and therapeutic areas; successful commercial launch of VTAMA®, (tapinarof) cream, 1%, for the topical treatment of plaque psoriasis in adults. Building upon this track record of establishing a robust pipeline through in-licensing and acquisition of novel assets and technology platforms, Roivant is currently building new capabilities in drug discovery and expanding upon existing development disciplines to become the leading tech-enabled pharmaceutical company.
To learn more about our story and company culture, please visit us at https://roivant.com/
Position Summary:
The Senior Cybersecurity Architect's key responsibilities:
Builds strong Vant relationships and effectively influence staff at all levels of Roivant organizations.As a member of the Roivant cybersecurity staff, contributes to addressing security challenges, identifying innovative technology opportunities, and assisting Vant staffs in reducing security risks.Designs security reference architectures in accordance with security standards and various regulatory and compliance requirements (e.g., Protected Health Information).Assists in the evaluation and threat modelling of overall risk for systems including data, accounting for the people, processes, and technologies that provide security controls.Architects, advises, prioritizes, coordinates, and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment.Provides security architecture and advice in one or more areas of expertise: application development, infrastructure, system/application, network, physical, supply chain and enterprise technology projects.Works with various engineering teams to choose appropriate secure configurations, security solutions and facilitates complete integration into the respective environments.Participates in the review of design principles, controls and configurations governing third-party access to Roivant/Vant systems or third-parties receiving/using Roivant/Vant data.Contribute to Roivant/Vant security incident discovery and response activities.Maintains currency of new and emerging security threats, security frameworks, security solutions/technologies, and regulationsRequirements:
Extensive participatory experience in building secure and compliant network and systems architectures.Hands on experience with Cloud security architectures.Experience designing secure cloud native systems and applications.Experience in the design and implementation of security products.7+ years of implementation/consulting experience with security, compliance, and risk management including a mix of hands-on technical architecture work along with compliance and oversight.BA/BS degree in Computer Science/Computer Information Systems or related experience; four years minimum related experience.Expert knowledge and implementation experience of information security principles, policy enforcement, operating systems, and web applications.High-level of familiarity with malicious code technical capabilities, uses,Mitre ATT&CK, OWASP Top 10 vulnerabilities, and common techniques used by hackers.Hands-on experience with secure networking design concepts, services such as DNS, gateways, proxies, HTTPS, and TLS, as well as securing software-defined systemsDemonstrated experience in designing architectures and technical audit activity to meet security and compliance requirements for including but not limited to NIST, SOC2, HITRUST, ISACA, HIPAA, GDPR, etc.Demonstrated knowledge of regulatory audit standards.Experience with managing the security implications of cloud migrations and providing guidance and recommendations.Experience in programming/scripting: Java, Python, C#, GoLang, Ruby, Shell scripting, etc.Professional Attributes that you possess:
Highly motivated, creative problem solver, willing to take on multiple responsibilities at once and consistently delivering results.Ability to think strategically with excellent business judgment.Resourceful and relentless: independently capable of seeking information, solving conceptual problems, corralling resources, and delivering results in challenging situations.Excellent verbal and written communication skills; ability to deal with complex problems and present recommendations and findings in a clear, concise format.Ability to successfully speak with auditors and senior managers on varying information systems within Roivant and Vants.Additional Preferred Qualifications:
Previous experience in a startup, early life cycle, product development company.Comprehensive understanding of internal control environments within the IT function.Experience with multiple technology domains including aspects of Windows, Mac, Firewalls (functionality), Office 365 Security, Azure, AWS, GCP, Endpoint Security, and Multi Factor Authentication.
Base salary for this role will be determined during the interview process and will vary based on multiple factors, including but not limited to prior experience, relevant expertise, current business needs, and market conditions.
Base salary if hired is only part of the total compensation package, which, depending on the position, may also include other components such as discretionary bonuses, equity, and Company-sponsored benefit programs.
This position is at-will and Roivant reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance and business and market conditions.
Roivant Sciences provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
We will not accept unsolicited resumes nor outreach from agencies. Please do not send agency resumes to our website or Roivant Sciences and affiliated employees.
To learn more about our story and company culture, please visit us at https://roivant.com/
Position Summary:
The Senior Cybersecurity Architect's key responsibilities:
Builds strong Vant relationships and effectively influence staff at all levels of Roivant organizations.As a member of the Roivant cybersecurity staff, contributes to addressing security challenges, identifying innovative technology opportunities, and assisting Vant staffs in reducing security risks.Designs security reference architectures in accordance with security standards and various regulatory and compliance requirements (e.g., Protected Health Information).Assists in the evaluation and threat modelling of overall risk for systems including data, accounting for the people, processes, and technologies that provide security controls.Architects, advises, prioritizes, coordinates, and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment.Provides security architecture and advice in one or more areas of expertise: application development, infrastructure, system/application, network, physical, supply chain and enterprise technology projects.Works with various engineering teams to choose appropriate secure configurations, security solutions and facilitates complete integration into the respective environments.Participates in the review of design principles, controls and configurations governing third-party access to Roivant/Vant systems or third-parties receiving/using Roivant/Vant data.Contribute to Roivant/Vant security incident discovery and response activities.Maintains currency of new and emerging security threats, security frameworks, security solutions/technologies, and regulationsRequirements:
Extensive participatory experience in building secure and compliant network and systems architectures.Hands on experience with Cloud security architectures.Experience designing secure cloud native systems and applications.Experience in the design and implementation of security products.7+ years of implementation/consulting experience with security, compliance, and risk management including a mix of hands-on technical architecture work along with compliance and oversight.BA/BS degree in Computer Science/Computer Information Systems or related experience; four years minimum related experience.Expert knowledge and implementation experience of information security principles, policy enforcement, operating systems, and web applications.High-level of familiarity with malicious code technical capabilities, uses,Mitre ATT&CK, OWASP Top 10 vulnerabilities, and common techniques used by hackers.Hands-on experience with secure networking design concepts, services such as DNS, gateways, proxies, HTTPS, and TLS, as well as securing software-defined systemsDemonstrated experience in designing architectures and technical audit activity to meet security and compliance requirements for including but not limited to NIST, SOC2, HITRUST, ISACA, HIPAA, GDPR, etc.Demonstrated knowledge of regulatory audit standards.Experience with managing the security implications of cloud migrations and providing guidance and recommendations.Experience in programming/scripting: Java, Python, C#, GoLang, Ruby, Shell scripting, etc.Professional Attributes that you possess:
Highly motivated, creative problem solver, willing to take on multiple responsibilities at once and consistently delivering results.Ability to think strategically with excellent business judgment.Resourceful and relentless: independently capable of seeking information, solving conceptual problems, corralling resources, and delivering results in challenging situations.Excellent verbal and written communication skills; ability to deal with complex problems and present recommendations and findings in a clear, concise format.Ability to successfully speak with auditors and senior managers on varying information systems within Roivant and Vants.Additional Preferred Qualifications:
Previous experience in a startup, early life cycle, product development company.Comprehensive understanding of internal control environments within the IT function.Experience with multiple technology domains including aspects of Windows, Mac, Firewalls (functionality), Office 365 Security, Azure, AWS, GCP, Endpoint Security, and Multi Factor Authentication.
Base salary for this role will be determined during the interview process and will vary based on multiple factors, including but not limited to prior experience, relevant expertise, current business needs, and market conditions.
Base salary if hired is only part of the total compensation package, which, depending on the position, may also include other components such as discretionary bonuses, equity, and Company-sponsored benefit programs.
This position is at-will and Roivant reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance and business and market conditions.
Roivant Sciences provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
We will not accept unsolicited resumes nor outreach from agencies. Please do not send agency resumes to our website or Roivant Sciences and affiliated employees.