Information and Cyber Security Manager

Company Description

Bicycle Therapeutics is a clinical-stage pharmaceutical company developing a novel class of medicines, referred to as Bicycle® molecules, for diseases that are underserved by existing therapeutics. Bicycle molecules are fully synthetic short peptides constrained with small molecule scaffolds to form two loops that stabilize their structural geometry. This constraint facilitates target binding with high affinity and selectivity, making Bicycle molecules attractive candidates for drug development. The company is evaluating zelenectide pevedotin (formerly BT8009), a Bicycle® Toxin Conjugate (BTC®) targeting Nectin-4, a well-validated tumor antigen; BT5528, a BTC molecule targeting EphA2, a historically undruggable target; and BT7480, a Bicycle Tumor-Targeted Immune Cell Agonist® (Bicycle TICA®) targeting Nectin-4 and agonizing CD137, in company-sponsored clinical trials. Additionally, the company is developing Bicycle® Radio Conjugates (BRC™) for radiopharmaceutical use and, through various partnerships, is exploring the use of Bicycle® technology to develop therapies for diseases beyond oncology.

Bicycle Therapeutics is headquartered in Cambridge, UK, with many key functions and members of its leadership team located in Cambridge, Massachusetts US.

Culture is key and all Bicycle employees actively embrace and role model our company values:  

• We are Adventurous. We believe it's the way to deliver extraordinary results for our patients.
• We are Dedicated to our Mission. You can't change the world if you don't have determination
• We are One Team. We only succeed when we work together. 

Job Description

We have an exciting new opportunity for an Information and Cyber Security Manager to join our growing team. Information Security is an area of importance for Bicycle touching on all areas of the business.

You will have a general experience of broader complex information security issues. Reporting directly to the Associate Director of Corporate IT, you will enjoy a varied role advising the company’s teams in the UK and US. 

Key responsibilities

• Manage the Information Security Management System that is in place at Bicycle, aligned with the ISO 27001:2022 specification. 
• Lead the activities associated with our ISO certification, including coordinating activities to provide evidence to support the certification. 
• Work and coordinate with multiple teams to assess information security risks. 
• Support the development of any IT and IS policies required by the organization as part of their operational requirements. 
• Manage security training and awareness, supporting a culture where cyber security (and the risks of) is understood and becomes second nature to the way we work 
• Work closely with the Data Privacy Counsel  and the Legal team to provide technical support and advise on data protection, privacy, data confidentiality, cybersecurity  and related matters across the business including with respect to clinical trials and related commercial contracts. 
• Assist with maintaining and implementing data protection policies and other data privacy internal materials.  
• Ensure Bicycle’s proprietary information is held, shared effectively, and secured across the company and relevant 3rd parties, adhering to regulatory requirements (21 CFR part 11 and GxP) 
• Assist with developing the Business Continuity Plan. 
• Liaise with the quality, compliance and regulatory teams to guide and help implement their requirements and align with our IS strategy.  
• Act as lead internal contact for all information security compliance matters. 
• Interact with data privacy regulators as required. 
• Supervise external supporting consultants as required. 
• Manage the third party / supplier lifecycle, i.e. on-boarding, on-going and off-boarding, from an information management perspective. 
• Acquire detailed understanding of the technologies, products, intellectual property and R&D activities of the business. 

Qualifications

Essential:   

• Educated in a relevant subject or be able to demonstrate the relevant experience and proven track record to be successful in role 
• Proven experience in implementing and supporting ISO 27001 certification via independent auditors. 
• Awareness of SOX controls and alignment between them and ISO. 
• Experience of deploying and managing information security management systems and information risk registers. 
• Experience advising on information security, data privacy and data handling issues, including in the context of commercial contracts. 
• Experience of dealing with and advising a wide range of business stakeholders in determining requirements and priorities, as well as resolving issues. 
• Analyse third party risk management i.e. assess the supply chain and manage the risks  
• Good analytical, critical thinking and problem-solving skills. 
• Ability to work in an international team across different time zones. 
• Able to prioritise and manage a high volume of work. 
• Ability to work across functions – excellent interpersonal and communication skills, both written and verbal. 
• Experience of responding to data incident / breaches, either directly or through “table top” exercises. 
• Ability to proactively identify issues, think strategically, propose and implement practical solutions. 
• Willing to take on new challenges. 

Desirable:   

• Experience of working in SOX, ISO and US public company environments 
• Experience advising life sciences companies. 
• Experience working in a fast-moving environment. 

Additional Information

• State-of-the-art campus environment with on campus restaurant and Montessori nursery
• Flexible working environment
• Competitive reward including annual company bonus 
• Employee recognition schemes
• 28 days annual leave in addition to bank holidays + option to buy up to 5 additional days annually
• Employer contribution to pension (employee does not have to contribute) 
• Life assurance cover 4x basic salary 
• Private Medical Insurance, including optical and dental cover. 
• Group income protection
• Employee assistance program
• Health Cash Plan
• Access to company subsidized gym membership.
• Eligibility for an option grant to subscribe to shares in Bicycle Therapeutics plc. 
• Cycle to work scheme 

Bicycle Therapeutics is committed to building a diverse workforce that is representative of the communities we serve. We recognize that diverse and inclusive teams build a stronger and more innovative company. Therefore, all qualified applicants will be considered for employment, and we do not discriminate on the basis of race, religion, colour, gender, sexual orientation, age, disability status, marital status, or veteran status.