Sr. IT Business Analyst (Cybersecurity & Infrastructure)

Axogen is committed to building and maintaining a strong and gratifying company culture that fosters professional growth. Our hands-on and personal approach makes transitioning to a new job a seamless and enjoyable process. Most benefits are effective on day one!  

Axogen is an equal opportunity employer and does not discriminate against applicants on the basis of race, color, creed, religion, ancestry, age, sex, marital status, national origin, disability or veteran status. 

 Why you’ll love working at Axogen: 

• Friendly, open, and fun team culture that values unique perspectives 
• Company-wide dedication to profoundly impacting patients’ lives 
• Comprehensive, high-quality benefits package effective on date of hire 
• Educational assistance available for all employees 
• Matching 401(k) retirement plan 
• Paid holidays, including floating holidays, to be used at your discretion 
• Employee Stock Purchase Plan 
• Referral incentive program 

Axogen Mission and Business Purpose

Our business purpose is to restore health and improve quality of life by making restoration of peripheral nerve function an expected standard of care. We aim to lead the markets we serve by always requiring the solutions we offer patients and caregivers provide an improved benefit-to-risk profile as compared to existing standards of care. To ensure we deliver improved benefit-to-risk solutions, we will guide and expect the market and design requirement specifications underlying our engineering, business development, and clinical research activities, objectively target advancements in standards of care.

Job Summary of the Sr. IT Business Analyst (Cybersecurity & Infrastructure)

The Sr. IT Business Analyst will demonstrate deep knowledge of CFR Part 11 compliance and GxP (Good Practices: Manufacturing, Clinical, and Laboratory) regulations within the life sciences industry. This role requires expertise in the Software Development Life Cycle (SDLC), project management, and requirements gathering for GxP-validated and Non-GxP software initiatives. The successful candidate will manage the end-to-end lifecycle of systems, from enhancements and validations to new system implementations, ensuring compliance with regulatory standards. This role acts as the bridge between business, technical, and compliance teams to ensure every project delivers on time, within scope, and meets CFR Part 11, GxP, and SOX quality and regulatory standards.

Requirements of the Sr. IT Business Analyst (Cybersecurity & Infrastructure)

• Bachelor's Degree in Information Technology, Computer Science, Life Sciences, or related field, plus 5 years of experience in the Software Industry, specializing in GxP and validated systems or 10 years of professional experience in an IT Business Analyst role, specializing in GxP and validated systems, without a formal degree.
• Proven success guiding cybersecurity and infrastructure projects alongside GxP software initiatives.
• Familiarity with ERP platforms (e.g., MS Great Plains, SAP, Oracle), cloud services (AWS/Azure), and security frameworks (CIS, NIST, ISO 27001).
• Working knowledge of SOX guidelines and their testing requirements.
• GxP/CSV/GAMP certification is a plus.
• Proven track record in life sciences, pharmaceutical, or healthcare IT projects in regulated environments.
• Solid experience with the full project lifecycle, including requirements gathering, testing, and implementation for validated software.
• Ability to write clear and concise test cases and validation documentation.
• Excellent communication, stakeholder-management, and training skills.
• Strong project management skills, including planning, tracking, and risk management.
• Familiarity with testing methodologies (e.g., Functional Testing, Regression Testing, UAT).
• Project Management Professional (PMP) or equivalent preferred
• Certification in GxP, CFR Part 11 Compliance, or similar regulatory frameworks preferred.

Responsibilities of the Sr. IT Business Analyst (Cybersecurity & Infrastructure)

The specific duties of the Sr. IT Business Analyst (Cybersecurity & Infrastructure) include but are not limited to:

• Backup & recovery enhancement program and timely restoration of critical systems.
• Roll-out of an infrastructure monitoring platform for critical assets.
• Network hardware-refresh project.
• Implementation of priority CIS sub-controls and third-party CIS maturity assessment.
• Organization-wide tabletop exercises, annual penetration testing, and KnowBe4 security-awareness campaigns.
• Power Automate workflow development, SharePoint enhancement model, Windows 11 pilot upgrade, and CMDB enrichment.
• Collaborate with business stakeholders to define and document business requirements for GxP-compliant applications (Manufacturing, Clinical, Laboratory).
• Conduct gap analyses against CFR Part 11/GxP standards and translate business requirements into clear functional and technical specifications.
• Translate business requirements into technical specifications for IT teams, ensuring alignment with business objectives and regulatory needs.
• Lead the planning, execution, and monitoring of IT projects to ensure timely delivery in accordance with CFR Part 11 and relevant GxP standards.
• Maintain detailed project documentation, including project plans, schedules, and risk assessments.
• Adhere to SDLC best practices for validated and non-validated systems and enhancements.
• Provide training for users on system enhancements and new features before go-live, including preparing materials and conducting training sessions.
• Develop and maintain work instructions and SOPs to support the SDLC process and ensure processes comply with regulatory standards.
• Facilitate internal and external audits for validated systems.
• Execute and document test scenarios for system validation in alignment with the IT Quality team.
• Design, implement, and conduct testing and validation strategies to ensure applications and IT systems meet business objectives, compliance, regulatory, and quality standards.
• Manage the end-to-end implementation of third-party GxP-validated applications: coordinate vendor activities and align configurations with regulatory requirements.

Location

111 West Oak Ave., Tampa, FL  33602

#LI-AC1

Benefits/Compensation

This position is eligible for an annual bonus.

Benefits offered for this position include Health, Dental, Vision, Matching 401K, Paid Time Off, 9 Paid Holidays + 3 Floating Holidays, Dependent Care Flexible Spending Accounts, Medical Flexible Spending Accounts, Tuition Reimbursement, Paid Parental Leave, Paid Caregiver Leave, Basic Life Insurance, Supplemental Life Insurance, Employee Stock Purchase Plan, and Disability Insurance, as described in more detail in summary plan descriptions.

Salary Range$100,532—$125,665 USD

Axogen follows healthcare system guidelines with respect to credentialing, vaccinations and other employment/compliance related requirements, as well as CDC guidance. Axogen reserves the right to amend its policies from time to time in its sole discretion.