Cybersecurity Lead
Durham, NC
Information Technology / FT / On-site
At BioAgilytix, we are passionate about premier science and the impact it has on our world. Our team of highly experienced scientists and professionals delivers tailored services for supporting new medicine breakthroughs with best-in-class bioanalytical services. We are tirelessly committed to our customers by being solution-oriented and deadline-driven... and we are growing. Our culture is fast-paced, fun and never boring. Because we work across numerous clients and drug modalities, your career can develop rapidly. You’ll gain experience with a variety of challenges all while you enable life-changing, life-saving therapeutics to the patients who need them.
The Cybersecurity Lead will be responsible for building and leading BioAgilytix’s global cybersecurity program. This role will set the strategy and oversee execution to strengthen our security posture across a multi-site, regulated CRO environment. The Cybersecurity Lead will unify existing policies into a streamlined, risk-based framework, ensure compliance with standards such as ISO 27001, GDPR, and GxP/CLIA, and drive initiatives in data protection, incident response, and business continuity. Partnering closely with IT, Operations, and business leaders, this role will enable secure adoption of technologies while fostering a risk-aware culture that supports scientific innovation without slowing progress.
Essential Responsibilities
- Develop and lead BioAgilytix’s enterprise cybersecurity strategy and multi-year roadmap, aligned to industry frameworks (NIST CSF, ISO 27001).
- Oversee governance, risk, and compliance activities, including policy development, regulatory alignment (GxP/CLIA, GDPR, Part 11), and global data privacy requirements.
- Build and manage security operations, including incident response, threat monitoring, and disaster recovery planning.
- Strengthen identity, access, and endpoint security controls across the enterprise.
- Drive data protection and privacy initiatives, including classification, DLP, and secure email practices.
- Establish and mature cloud, application, and integration security standards.
- Consolidate and oversee business continuity and disaster recovery practices across global sites.
- Enhance security within lab, OT, and network environments to safeguard scientific operations.
- Manage vendor and third-party security risk, ensuring adherence to contractual and regulatory obligations.
- Define guardrails for AI and new technologies, including M365 Copilot, with policies and training.
- Lead company-wide security awareness, role-based training, and reporting of key risk and performance metrics to leadership.
These are skills needed to be successful:
- Blend of strategic and hands-on leadership, with the ability to design security programs and deliver measurable outcomes.
- Strong executive presence and communication skills; able to translate technical risk into clear business impact for senior leaders and the board.
- Proven track record building cross-functional relationships across Quality, Legal, Finance, Lab Operations, and external vendors.
- Pragmatic problem solver with risk-based prioritization, vendor/contract management experience, and a bias for automation and continuous improvement.
- Ability to build and scale high-performing teams in a fast-paced, multi-site environment.
- Adaptable, future-focused leader with resilience and creativity in enabling science and operations securely.
Minimum Preferred Technical Skills:
- Identity and access management (e.g., Entra ID, MFA, privileged access, access reviews).
- Security operations and incident response (e.g., EDR/XDR, SIEM/SOAR, threat detection, playbooks).
- Data protection and privacy (e.g., DLP, encryption, retention, email hygiene, GDPR).
- Cloud and application security (e.g., Azure, AWS, secrets management, secure development practices).
- Network and operational technology security (e.g., segmentation, firewalls, secure remote access).
- Compliance frameworks and regulatory requirements (e.g., ISO 27001, NIST CSF, GxP/CLIA, Part 11).
- Business continuity and resilience (e.g., backup/restore validation, disaster recovery planning).
Minimum Preferred Qualifications - Education/Experience:
- Bachelor’s degree in information security/computer science or related field required.
- Required certification(s): CISSP/CISM, Azure Security Engineer, and/or CCSP/AWS Security.
- 10+ years in cybersecurity with 2+ years building/leading programs in regulated life sciences/healthcare (GxP/CLIA, 21 CFR Part 11).
- Proven success implementing SOC/MDR, SIEM/SOAR, and incident response in hybrid (cloud + on‑prem) environments.
- Deep Microsoft 365/Azure/Entra experience (Conditional Access, PIM/PAM, Intune, Defender XDR, Sentinel, Purview DLP/eDiscovery).
- Working knowledge of AWS security and SaaS shared‑responsibility models; vendor RACI, audit rights, and data residency controls.
- Demonstrated BCDR delivery for mission‑critical workloads with tested runbooks and defined RTO/RPO.
- Practical OT/lab security experience (segmentation, allow‑listing, validated patching) that balances security with lab productivity.
Working Environment:
- This is an on-site role in Durham, NC
- Routinely uses standard office equipment such as computers, phones, photocopiers, and filing cabinets
The benefits of joining our team:
- Continued development and growth, international sites exposure and contacts
- Exposure to cutting-edge bioanalytical technologies
- Highly competitive healthcare coverage (HDHP with HSA; PPO), dental and vision
- Competitive Paid Time Off (4 weeks per year) + Paid Holidays (9 scheduled; 5 floating)
- 401k with Employer Match
BENEFITS AND OTHER PERKS
Medical Insurance (HDHP with HSA; PPO), Dental Insurance, Vision Insurance, Flexible Spending Account (medical; dependent care), Short Term Disability, Long Term Disability, Life Insurance, Paid Time Off (4 weeks per year), Parental Leave, Paid Holidays (9 scheduled; 5 floating), 401k with Employer Match, Employee Referral Program
COMMITMENT TO EQUAL OPPORTUNITY
BioAgilytix provides equal employment opportunities to all employees and applicants for employment without regard to race, color, ancestry, national origin, gender, sexual orientation, marital status, religion, age, disability, gender identity, results of genetic testing, service in the military, or any other group protected by federal, state, or local law.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.