Massachusetts Jobs

Principal Information Security Architect - DTJ (REMOTE)

Req ID #: 223135

Location:

Wilmington, MA, US, 01887US

At Charles River, we are passionate about improving the quality of people’s lives. When you join our global family, you will help create healthier lives for millions of patients and their families.

Charles River employees are innovative thinkers, who are dedicated to continuous learning and improvement. We will empower you with the resources you need to grow and develop in your career.

As a Charles River employee, you will be part of an industry-leading, customer-focused company at the forefront of drug development. Your skills will play a key role in bringing life-saving therapies to market faster through simpler, quicker, and more digitalized processes. Whether you are in lab operations, finance, IT, sales, or another area, when you work at Charles River, you will be the difference every day for patients across the globe.

Job Summary

The Principal InfoSec Architect, a senior position with advanced skills, reports directly to the Head Information Security Architect and frequently collaborates with the CISO, team leads, Global Technology Architects, Business Leads, and the audit and compliance teams. This role is pivotal in designing security architectures that not only safeguard the organization but also support its operational and innovative endeavors. The Principal InfoSec Architect engages with a variety of teams including security engineering, IT infrastructure, application development, and security operations.

Key responsibilities include developing security strategies for business-to-business engagements, third-party relationships, outsourced solutions, and vendor management. With significant experience in AWS and Azure environments, the architect ensures that cloud security architectures are robust, compliant, and optimized for performance. The architect is tasked with providing expert guidance on current security challenges while anticipating future industry shifts to proactively develop secure solutions. This role demands a strategic thinker capable of understanding potential adversarial tactics and evolving threats. The Principal InfoSec Architect is also essential in leading and mentoring teams, requiring strong communication, organizational skills, and the ability to influence across technical and non-technical groups.

ESSENTIAL DUTIES AND REPONSIBILITIES

• Design and implement robust cloud security architectures for both Azure and AWS platforms, ensuring they meet industry standards and compliance requirements.

• Lead the development of cloud security strategies and frameworks that align with organizational goals and risk tolerance, focusing on scalable and sustainable security solutions.

• Conduct thorough assessments and audits of existing cloud infrastructure, identify security vulnerabilities, and prioritize remediation strategies based on risk.

• Develop and enforce cloud security policies and procedures that govern access, data security, network configurations, and the integration of third-party services.

• Oversee the integration of advanced security tools and technologies such as firewalls, intrusion detection systems, and encryption in Azure and AWS environments.

• Collaborate with IT and development teams to embed security practices in the DevOps pipeline, promoting a culture of security awareness and proactive risk management.

• Provide expert guidance on cloud security best practices, risk management, and incident response strategies to technical and executive teams.

• Stay abreast of emerging security threats and trends in cloud computing, and proactively develop strategies to mitigate potential risks to the organization.

• Lead training and development initiatives to enhance the security skills of the IT team, emphasizing cloud security principles and practices.

• Serve as the primary contact for external audits and security assessments related to Azure and AWS platforms, ensuring compliance with all regulatory and legal requirements.

• Partner, coach and functionally lead IT, engineering, development and business teams.

• Perform engineering performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.

• Perform other duties as assigned.

Job Qualifications

• Education: Batchelor’s degree (B.A./B.S.) or equivalent in computer science, information technology, or related discipline.

• Experience: At least 10+ years of experience in cybersecurity, including compliance and risk management with a background in system and network security engineering.

• An equivalent combination of education and experience may be accepted as a satisfactory substitute for the specific education and experience listed above.

• Certification/Licensure: IT security related certification desired (e.g., Security +, CISSP, CISA, GSEC, or similar professional certification).

• Other:

• A proven deep background (preferred 5+ years in addition to cybersecurity) in technology design, implementation and delivery.

• Experience in cloud computing technologies (AWS and Azure), including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environments.

• Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.

• Excellence in communicating business risk from cybersecurity issues.

• Experience with one or more of the following: ISO 27001, NIST, Payment Card Industry Data Security Standard (PCI DSS), Health Information Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) Act, Sarbanes-Oxley Act (SOX) the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.

• Working knowledge of Windows, Linux and Unix.

• Highly trustworthy; leads by example.

Compensation Data

The pay range for this position is $150K - $185K USD. Please note that salaries vary within the range based on factors including, but not limited to, experience, skills, education, certifications, and location

About Corporate Functions

The Corporate Functions provide operational support across Charles River in areas such as Human Resources, Finance, IT, Legal, Sales, Quality Assurance, Marketing, and Corporate Development. They partner with their colleagues across the company to develop and drive strategies and to set global standards. The functions are essential to providing a bridge between strategic vision and operational readiness, to ensure ongoing functional innovation and capability improvement.

About Charles River

Charles River is an early-stage contract research organization (CRO). We have built upon our foundation of laboratory animal medicine and science to develop a diverse portfolio of discovery and safety assessment services, both Good Laboratory Practice (GLP) and non-GLP, to support clients from target identification through preclinical development. Charles River also provides a suite of products and services to support our clients’ clinical laboratory testing needs and manufacturing activities. Utilizing this broad portfolio of products and services enables our clients to create a more flexible drug development model, which reduces their costs, enhances their productivity and effectiveness to increase speed to market.

With over 20,000 employees within 110 facilities in over 20 countries around the globe, we are strategically positioned to coordinate worldwide resources and apply multidisciplinary perspectives in resolving our client’s unique challenges. Our client base includes global pharmaceutical companies, biotechnology companies, government agencies and hospitals and academic institutions around the world.

At Charles River, we are passionate about our role in improving the quality of people’s lives. Our mission, our excellent science and our strong sense of purpose guide us in all that we do, and we approach each day with the knowledge that our work helps to improve the health and well-being of many across the globe. We have proudly supported the development of 86% of the drugs approved by the FDA in 2021.

Equal Employment Opportunity

Charles River Laboratories is an Equal Opportunity Employer - all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

If you are interested in applying to Charles River Laboratories and need special assistance or an accommodation due to a disability to complete any forms or to otherwise participate in the resume submission process, please contact a member of our Human Resources team by sending an e-mail message to [email protected] . This contact is for accommodation requests for individuals with disabilities only and cannot be used to inquire about the status of applications.

For more information, please visit www.criver.com.