Position Summary:

As a Cybersecurity & Compliance Lead at Nusano, you will play a vital role in safeguarding our organization's digital assets by ensuring the integrity, confidentiality, and availability of sensitive data. You will work closely with cross-functional teams to assess security risks, develop and implement security measures, and respond to security incidents. This role requires a deep understanding of cybersecurity principles, an extensive industry record of accomplishment, strong analytical skills, and the ability to navigate complex security challenges in a hybrid environment. Direct industry experience working in Life Sciences / biotechnology is required.

What You'll Do:

Biotechnology Regulations and Compliance 

• Develop and execute a comprehensive cybersecurity strategy tailored to the biotech industry in collaboration with IT senior management
• Understand industry-specific regulations (e.g., HIPAA, GDPR, FDA) and ensure the company's cybersecurity practices align with these requirements

 Data Protection and Privacy 

• Assist in the development, implementation, and enforcement of cybersecurity policies, procedures, and standards
• Ensure strong data encryption, access controls, and data masking controls are implemented to safeguard sensitive research and data

 Security Auditing & Monitoring 

• Continuously monitor network traffic and systems for signs of security breaches or anomalies. Investigate and respond to security alerts and incidents in a timely manner.
• Conduct regular vulnerability assessments and penetration tests to identify and mitigate potential security weaknesses in our IT infrastructure and applications
• Partner with the OT team to identify and remediate cybersecurity risks

 Phishing and Social Engineering Awareness 

• Train employees to recognize and mitigate phishing attacks and social engineering threats that could compromise data or systems
• Provide cybersecurity training and awareness programs to employees to promote a culture of security within the organization

Network & Endpoint Security

• Secure the company's network infrastructure, including firewalls and intrusion detection/prevention systems, by monitoring for unusual network activity using industry standards and best practice methods
• Ensure the security of all server and endpoint devices connected to the business network through endpoint protection solutions and regular patch management.
• Technical proficiency with MDR/EDR solutions and other off-the-shelf enterprise cybersecurity solutions

Incident Response and Management 

• Develop an incident response plan to quickly identify and respond to security incidents, minimizing potential damage
• Collaborate with incident response teams to contain, mitigate, and recover from security incidents. Document incident details and lessons learned

Security Documentation 

• Maintain up-to-date documentation of security configurations, procedures, and incident reports

Threat Intelligence 

• Stay informed about the latest cybersecurity threats, trends, and vulnerabilities in the biotechnology and healthcare sectors. Use threat intelligence to enhance our security posture

Minimum Requirements:

• Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience).
• At least 8 years of experience in IT Cybersecurity design, implementation, and management, preferably in a growth-oriented environment
• 7+ years of experience in leading and managing IT Cybersecurity teams, projects, initiatives, and budgets
• Professional certifications such as CISSP, CISM, or CompTIA Security+ are a plus.
• Proven experience as a Cybersecurity Analyst or in a similar role.
• Proficiency in network security, firewall administration, and intrusion detection systems.
• Strong knowledge of cybersecurity principles, best practices, and technologies.
• Familiarity with Operational Technology Cybersecurity standards.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001).
• Experience with security information and event management (SIEM) systems.
• Understanding of regulated / validated environments (Sarbanes-Oxley, cGxP)
• Excellent analytical and problem-solving skills.
• Effective communication and teamwork abilities.
• Ability to adapt to evolving threats and technologies.
• Ethical and proactive mindset with a commitment to confidentiality.

Physical Requirements:

• Must be comfortable working in a facility that produces radiation.
• Work to be conducted in both an office environment and the production facility.
• Must be able to sit for extended periods of time.
• Frequent use of computer with repetitive use of keyboard, mouse and manual dexterity. 

About Nusano:

At Nusano, we believe in the power of innovation to enhance lives and strengthen the communities we serve. We are more than a physics company; we are pioneers in the production of both medical and industrial isotopes. Our mission is to ensure that high-quality radioisotopes are readily available for critical applications, from cancer treatment to advancing space exploration, and enabling other groundbreaking innovations.

Our state-of-the-art facility in West Valley City, Utah will harness our proprietary ion source technology to produce isotopes efficiently and sustainably. We understand the urgent need for reliable access to these vital resources, and we are committed to leading the way in supply stability and innovation. We envision a future where no patient has to face treatment delays due to shortages, and where industries can thrive with dependable access to the materials they need.

At Nusano, we are dedicated to making a meaningful impact, not only in healthcare but also in the broader community. We strive to empower our partners and customers, ensuring that together, we can build a healthier, more vibrant tomorrow for all.

• Comprehensive medical, dental, and vision coverage for employees and their eligible dependents
• 401(K) Retirement Plan
• Company-paid life insurance & AD&D coverage
• Company-paid short-term and long-term disability coverage
• High-Deductible Health Plan (HDHP) option with company funded Health Savings Account (HSA)
• Healthcare Flexible Spending Account (FSA)
• Dependent Care Reimbursement Account (DCRA)
• Voluntary Life Insurance
• Voluntary benefits such as Critical Illness, Accident, Hospital, and Pet Insurance
• Employee Assistance Program (EAP)
• Vacation, Sick Time, and Holidays