Director, Information Security & Technology

Welcome to the era of Velsera! Seven Bridges, Pierian & UgenTec have combined to become Velsera.

Velsera is the precision engine company. We empower researchers, scientists, and clinicians to drive precision R&D, expand access to, and more effectively leverage analytics at the point of care. 

We unify technology-enabled solutions and scientific expertise to enable a continuous flow of knowledge across the global healthcare ecosystem. This interweaves diverse biomedical communities, allowing them to build upon each other’s success and accelerate medical breakthroughs that positively impact human health.

With our headquarters in Boston, MA, we are growing and expanding our team which located in 14 different countries!

What will you do?
● Lead IT & Information Security managers and teams to ensure the successful design, implementation, 
documentation and operation of information security and technology and general technical controls.
● Oversee and drive the technical aspects of Information security Management system (ISMS), security 
architecture (including respective vendors) and corporate security program.
● Lead an Information Security Operations Team that support security event monitoring and incident 
response, vulnerability management, management of Information Security tooling such as SIEM, EDR/XDR, 
vulnerability scanner, malware protection etc., 
● Lead an Information Security Product Team that support security architecture reviews for product, 
application security testing such as code scanning, pen testing/ethical hacking, manage 3rd party pen tests, 
educate Software Engineers and Architects. 
● Manage significant information security incidents across the organization.
● Manage IT ender user compute including the IT Service Desk function.
● Lead large IT projects, including the design and deployment of new IT systems and services. 
● Monitor performance of IT systems to determine cost and productivity levels, and to make 
recommendations for improving the Company’s overall IT infrastructure. 
● Define the Company’s IT infrastructure strategy, architecture, and processes. 
● Analyze business requirements by partnering with key stakeholders across the organization to determine 
the appropriate IT needs of the Company. 
● Assess vendors, develop strategies and maintain control over all Company hardware and software 
purchases, including helping to manage renewals and terminations, where appropriate. 
● Mentor and coach managers and team members.
● Lead Budgeting and cost control for the Information Security and Technology organization.

What do you bring to the table?

Qualifications
● Bachelor’s degree in Computer Science, Accounting, Finance, Information Systems, Information Technology
or related field
● 6+ years’ experience in risk, controls and compliance. Plus, sufficient experience managing and/or directing 
an IT operation in a high-growth environment. 
● Experience preferred in applying relevant technical knowledge in at least four of the following 
audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP, 
SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
● Good understanding and technical knowledge of current network and client operating systems, hardware, 
protocols, and standards, such as Windows OS, cloud platforms like O365, Azure and AWS, and common 
computer hardware and desktop productivity software solutions. 
● Experience in IT infrastructure strategic planning and development, project management, and/or policy 
development and understanding of core ITIL principles.
● CISA, CISSP, CISM certifications preferred
● Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive
● Demonstrated integrity within a professional environment
● Strong written and verbal communication skills and presentation skills
● Leadership, teamwork and client service skills
● English language proficiency

Technology
● Technical audit / controls experience: Operating Systems (Linux), Databases, Web Applications
● Identity and access management (I&AM) experience
● Exposure to security technologies such as IDS, Firewalls, Anti-virus, SIEM, WAF, etc.
● Amazon Web Services (AWS) and Google Cloud Platform (GCP)
● Atlassian Suite - JIRA & Confluence
Extra Credit
● Experience auditing within the pharmaceutical, clinical, diagnostic, and/or healthcare industries
● Master’s degree
● Public accounting IT risk and controls experience
● Familiarity with the command line interface of multiple operating systems – Windows, macOS, Linux, etc.
● Understanding of scripting languages to include the following – python, shell, ruby, perl
● Corporate IT / Help desk
● Docker, Ansible, Kubernetes
● A sense of humor

Competencies 
Managing 
● The ability to manage and take charge of employees in order to enhance their performance; defining targets 
and providing appropriate means; controlling progress and correcting employees. 
● has a natural authority over other people 
● takes control in team meetings in which complex and opposing interests are defended 
● distinguishes between personal and organizational interests 
● brings employees' career development in tune with strategic goals 
● gets the most out of their employees 
Networking 
● The ability to develop and maintain relations, alliances and coalitions within and outside the organization 
and to use them in order to obtain information, support and cooperation. 
● looks beyond cultural differences and other barriers in their search for useful contacts 
● contacts other departments in order to increase the chance of their own project succeeding (cooperation, 
support) 
● uses their network (e.g. for information) to support their work 
● involves others in their professional networks and stimulates them to expand these 
● engages others in creating a broader basis for one's organization to achieve its goals 
● searches critically for people who could play a role in expanding their influential network 
● is cooperative and incorruptible, uses their network without manipulating it 
 

People first. We create collaborative and supportive environments by operating with respect and flexibility to promote mental, emotional and physical health. We practice empathy by treating others the way they want to be treated and assuming positive intent. We are proud of our inclusive diverse team and humble ourselves to learn about and build our connection with each other.

Patient focused. We act with swift determination without sacrificing our expectations of quality. We are driven by providing exceptional solutions for our customers to positively impact patient lives. Considering what is at stake, we challenge ourselves to develop the best solution, not just the easy one. 

Integrity. We hold ourselves accountable and strive for transparent communication to build trust amongst ourselves and our customers. We take ownership of our results as we know what we do matters and collectively we will change the healthcare industry. We are thoughtful and intentional with every customer interaction understanding the overall impact on human health. 

Curious. We ask questions and actively listen in order to learn and continuously improve. We embrace change and the opportunities it presents to make each other better. We strive to be on the cutting edge of science and technology innovation by encouraging creativity. 

Impactful. We take our social responsibility with the seriousness it deserves and hold ourselves to a high standard. We improve our sustainability by encouraging discussion and taking action as it relates to our natural, social and economic resource footprint. We are devoted to our humanitarian mission and look for new ways to make the world a better place. 

Velsera is an Equal Opportunity Employer:
Velsera is proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, colour, gender, religion, marital status, domestic partner status, age, national origin or ancestry.