SUMMARY/JOB PURPOSE (Basic purpose of the job):

Protect the organization's digital infrastructure, data, and systems from internal and external cybersecurity threats by implementing, managing, and continuously improving security practices, tools, and operations with a focus on cloud applications and infrastructure.

ESSENTIAL DUTIES/RESPONSIBILITIES:

• Design and implement robust security architectures for cloud environments following best practices, industry standards, and regulatory requirements.
• Lead cross-functional collaboration on technology initiatives to strengthen security across systems and operations, ensuring alignment with organizational objectives and industry best practices.
• Lead the investigation and resolution of complex security events and incidents, including malware outbreaks, unauthorized access attempts, and significant security breaches. Develop and implement response strategies, coordinate cross-functional teams, and ensure lessons learned are integrated into security policies and controls.
• Analyze security logs and events from various sources to proactively develop and implement security measures that address current and emerging threats.
• Provide updates to leaders on latest threat landscape, emerging trends, and propose cybersecurity solutions to proactively identify and mitigate potential security risks.
• Enhance the organization's security posture by assessing vulnerabilities and recommending solutions to address identified weaknesses.
• Collaborate with internal teams, vendors, and partners to provide guidance and expertise on security best practices and incident response.
• Ensure compliance with industry standards and organizational policies, including SOX and FDA regulatory requirements, by following established procedures and controls.

SUPERVISORY RESPONSIBILITIES:

• No supervisory responsibilities.

EDUCATION/EXPERIENCE/KNOWLEDGE & SKILLS:

Education:

• Bachelor's degree in related discipline and 9 years of related experience; or
• Master's degree in related discipline and 7 years of related experience; or
• Equivalent combination of education and experience
• CISSP, CISM, CEH, OSCP, GIAC or similar cybersecurity certification preferred

Experience:

• Experience with operation and implementation of cybersecurity tools.
• Experience in designing, implementing, and managing security controls within cloud platforms, such as IAM, VPC, Zero Trust principles, IaC, IAAS, Security Groups, Key Management Services, SDLC, Ci/Cd pipelines and Network Security.
• Experience in IT Security or related infrastructure administration role in an enterprise environment. Technical lead or management experience preferred.
• Experience in investigations and response to cyber events and incidents.
• Experience in enhancing organizational security awareness and resilience.
• Experience with cloud, system, and application security.
• Experience administering IT systems.
• Experience working in Agile environments and using ticketing systems (e.g., JIRA, JSM).
• Experience in regulated industries (e.g., biotech, pharma) with knowledge of GxP and SOX compliance preferred.

Knowledge, Skills and Abilities:

• Strong knowledge of general IT applications and infrastructure.
• Advanced knowledge of CLI and scripting language experience (Python, PowerShell, etc..)
• Advanced knowledge of AWS
• Advanced knowledge of IAC, SDLC, Ci/Cd pipelines
• Advanced knowledge of cybersecurity technologies and concepts.
• Strong analytical, problem solving, organizational, and communication skills.
• Ability to work effectively with customers to solve business challenges while balancing the need for confidentiality, integrity, and availability.
• Ability to multitask and work collaboratively.
• Ability to work with ambiguity.
• Ability to work with confidential data.
• Ability to continuously learn and improve.
• Ability to work with minimal guidance, to adapt to frequent priority changes, and response to ad-hoc requests
• Architect secure cloud infrastructure using guardrails and golden paths using IaC patterns across AWS and Azure.
• Integrate SAST, SCA, DAST, and dependency scanning into GitHub pipelines and provide help and support

Work Environment/Physical Demands:

Our office is a modern, open space that fosters collaboration and creativity. Teams work closely together, sharing ideas and solutions in a supportive atmosphere. We provide all necessary equipment, including dual monitors and ergonomic chairs, to ensure a comfortable workspace.

• Occasional travel (5%).
• On-call availability for critical escalations.

#LI-EZ1

Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The base pay range for this position is $154,500 - $220,500 annually. The base pay range may take into account the candidate's geographic region, which will adjust the pay depending on the specific work location. The base pay offered will take into account the candidate's geographic region, job-related knowledge, skills, experience and internal equity, among other factors.

In addition to the base salary, as part of our Total Rewards program, Exelixis offers comprehensive employee benefits package, including a 401k plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts. Employees are also eligible for a discretionary annual bonus program, or if field sales staff, a sales-based incentive plan. Exelixis also offers employees the opportunity to purchase company stock, and receive long-term incentives, 15 accrued vacation days in their first year, 17 paid holidays including a company-wide winter shutdown in December, and up to 10 sick days throughout the calendar year.

WORKING CONDITIONS:

Our office is a modern space that fosters collaboration and creativity. Teams work closely together, sharing ideas and solutions in a supportive atmosphere. We provide all necessary equipment, including dual monitors and ergonomic chairs, to ensure a comfortable workspace.

DISCLAIMER:
The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.