Executive Director, IT Secruity & Operations

Headquartered in Carlsbad, California, and with offices in Boston, Massachusetts, and Dublin, Ireland, Ionis has been at work for more than three decades discovering medical breakthroughs that have redefined life for people with serious diseases. We are pioneers in RNA-targeted medicines, and our platform continues to revolutionize drug discovery and transform lives for patients with unmet needs.  With five currently marketed medicines for serious diseases and an expansive late-stage pipeline, we continue to build upon our groundbreaking innovations in science and technology to provide greater value to patients; and we are well positioned financially to deliver on our strategic goals.

At Ionis, we pride ourselves on cultivating a challenging, motivating and rewarding environment that fosters innovation and scientific excellence. We know our success is a direct result of the exceptional talent and dedication of our employees.

With an unprecedented opportunity to change the course of human health, we look to add diverse individuals, skill sets and perspectives to our exceptional team. We continue to invest time, money, and energy into making our onsite and remote work environments a place where solid and lasting relationships are built and where our culture and employees can thrive.

We are building on our rich history, and believe our greatest achievements are ahead of us.  We invite you to apply and join us if you’re passionate about the opportunity to have meaningful impact on patients in need, our employees, and our organization.  Experience and contribute to our unique culture while you develop and expand your career!

EXECUTIVE DIRECTOR, IT SECRUITY

SUMMARY: 

The Executive Director of IT Security & Operations is responsible for defining and executing an information security and operations vision, strategy, and continuous improvement plan. This role requires a strategic and proactive approach to safeguarding the organization’s data, scaling IT security and operations, and ensuring adherence to regulatory requirements and contractual obligations.

The role will drive a comprehensive cybersecurity risk management program, oversee the Security Operations Center (SOC), and develop a robust incident response strategy. Collaboration with cross-functional departments—including HR, Facilities, Privacy, Legal, and internal IT functions—is essential.  The candidate will be responsible for managing a team in support of enterprise cybersecurity risk management, as well as cloud & on-premises infrastructure, and end user services. 

This position will be on-site in our Carlsbad, CA location and open to flexible/hybrid schedule.

RESPONSIBILITIES: 

• Execute a three-year cybersecurity plan to protect the organization’s data and enhance NIST maturity.
• Support internal and external cybersecurity assessments, ensuring compliance with industry standards and regulatory requirements.
• Develop and oversee a comprehensive cybersecurity risk management program (in partnership with the Head of IT, Legal, Internal Audit), ensuring proactive identification, assessment, and mitigation of security threats and vulnerabilities.
• Partner with Head of Data & Analytics IT (and IT peers) to enable Ionis’ AI strategy, ensuring a pragmatic, secure, and responsible approach leveraging current and new technologies
• Lead the Security Operations Center (SOC), ensuring efficient threat intelligence, real-time monitoring, and automated incident response (SOAR).
• Successfully scale IT security and operations to support an increasing number of employees and commercial product expansion (via automation, AI, upskilling of talent)
• Plan and enable Identity Governance with Okta, integrating Okta-UKG for user lifecycle management and application security controls.
• Establish and oversee third-party risk management, ensuring vendors adhere to cybersecurity best practices and regulatory compliance.
• Define and align future infrastructure and security architecture to support long-term business objectives.
• Ensure harmonized, consistent IT operations and reliable end-user support for both HQ and remote users.
• Oversee key IT-related crisis management plans, including Incident Response Plans, Business Continuity, and Disaster Recovery strategies, ensuring system integrity, recoverability, and preparedness.
• Manage ongoing security audits and internal/external assessments, ensuring adherence to security controls for new solutions and infrastructure improvements.
• Provide strategic counsel on new technology investments that drive capability improvements and risk mitigation aligned with business direction.
• Develop and manage the IT security and operations budget, ensuring financial discipline and security-driven investments.
• Attract, develop, and retain top cybersecurity and IT operations talent, fostering a culture of innovation, diversity, and collaboration.
• Promote cybersecurity awareness and compliance through training, communication, and employee engagement initiatives.

REQUIREMENTS:

• Bachelor’s degree required (Master’s a plus) in Computer Science, Information Security, or a related field.
• 10 years’ experience in the life sciences industry, with a proven track record in cybersecurity leadership, IT infrastructure operations, end user services, and regulatory compliance.
• Regulatory Expertise: Deep knowledge of GMPs, 21 CFR Part 11, GAMP5, GCP/GLP, HIPAA, SOX, GDPR, PII, PHI, and NIST frameworks.
• Cybersecurity Expertise:
• Security architecture design, Zero Trust security models, DevSecOps integration, vulnerability management, and cloud security.
• Advanced knowledge of threat intelligence, penetration testing, SIEM, and security automation (SOAR).
• Risk Management & Compliance:
• Experience in NIST, ISO 27001, COBIT, CIS 18, and regulatory security frameworks.
• Ability to identify compliance risks, escalate appropriately, and drive proactive risk mitigation efforts.
• Technical & Cloud Security Expertise:
• Experience managing cloud security architecture (AWS, Azure).
• Strong understanding of network security, mobile security, data loss prevention (DLP), and endpoint security.
• Industry Certifications (Preferred): CISSP, CISM, CISA, CRISC, CCSP, PMP.
• Strong Leadership & Communication Skills:
• Ability to engage executive stakeholders and communicate complex cybersecurity concepts in business terms.
• Project management expertise, with experience successfully managing multiple security-driven business initiatives.
• Strategic Vision & Execution:
• Proven ability to build consensus, drive iterative improvements, and implement enterprise-wide cybersecurity transformation.

Please visit our website, http://www.ionis.com for more information about Ionis and to apply for this position; reference requisition # IONIS003547

Ionis offers an excellent benefits package! Follow this link for more details: Ionis Benefits

Full Benefits Link: https://www.ionis.com/careers/working-at-ionis/#:~:text=our employee spotlight-,Benefits,-Employees are rewarded

The pay scale for this position is $206,000 to $283,466

NO PHONE CALLS PLEASE. PRINCIPALS ONLY.

Ionis Pharmaceuticals, Inc. and all its subsidiaries are proud to be EEO employers.

#LI-Hybrid

Salary : $206,000 - $283,466