Senior Cyber Security Engineer

Company Overview
ImmunityBio, Inc. (NASDAQ: IBRX) is a commercial-stage biotechnology company developing cell and immunotherapy products that are designed to help strengthen each patient’s natural immune system, potentially enabling it to outsmart the disease and eliminate cancerous or infected cells. We envision a day when we no longer fear cancer, but can conquer it, thanks to the biological wonder that is the human immune system. Our scientists are working to develop novel therapies that harness that inherent power by amplifying both branches of the immune system, attacking cancerous or infected cells today while building immunological memory for tomorrow. The goal: to reprogram the patient’s immune system and treat the host rather than just the disease.

Why ImmunityBio?
• ImmunityBio is developing cutting-edge technology with the goal to transform the lives of patients with cancer and develop next-generation therapies and vaccines that complement, harness and amplify the immune system to defeat cancers and infectious diseases.
• Opportunity to join a publicly traded biopharmaceutical company with headquarters in Southern California.
• Work with a collaborative team with the ability to work across different areas of the company.
• Ability to join a growing company with professional development opportunities.

Position Summary

This position serves as part of an enterprise information security and compliance group. The specific role will implement, monitor, manage, maintain and administer security tools. The ideal candidate will also support and continue to foster a secure environment across the organization. The candidate must be able to work independently within a team framework to complete work in an accurate and timely manner.

Essential Functions

• Participate in the development and implementation of the enterprise security architecture and supporting security standards to ensure compliance with corporate policies, and relevant legislative and regulatory requirements.
• Review and determine risks within the environment and recommend security products and/or processes to assist in mitigating risks.
• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• This role requires a deep understanding of network security solutions, incident response processes, cloud platform terminology, SaaS offerings, Identity and Access Management capabilities, Multi-Factor Authentication solutions, and VPN architecture.
• Demonstrates advanced knowledge of the principles, best practices architecture and design approaches to applicable capabilities, services and standard controls that fall under the scope of NIST, ISO, CIS, PCI, HITRUST.
• Monitor information systems for security incidents and vulnerabilities including the development of monitoring and visibility capabilities, report on incidents, vulnerabilities, and trends.
• Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches including interacting and collaborating with third-party incident responders.
• Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk and advises management and develops and executes plans for compliance and mitigation of risk.  Perform risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
• Perform comprehensive threat/risk assessments and business impact analysis of current system, data, application and technology environments to determine possible internal and external threats to information assets and identify security measures required to counter such threats.
• Assist in managing day-to-day security operations such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, as well as monitoring and responding to emerging threats varying from endpoint to server to public cloud system.
• Perform all other special projects and duties as assigned

Education & Experience

• Bachelor’s degree in computer sciences, IT, engineering or related field
• Minimum of 5 years’ work experience in security engineering
• Minimum of 5 years’ work experience in system and network security
• Possess current security certifications (e.g., CISSP, CEH, CISA, etc)

Knowledge, Skills, & Abilities

• Experience and knowledge of network firewalls (Palo Alto, Checkpoint) and security technology (FireEye NX,HX,PX, Splunk) and other IDS/IPS and network monitoring tools
• Background in security operations, project management, or information security, with knowledge of Cloud security models and controls (AWS, Azure)
• Working understanding networking concepts and protocols (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.)
• Experience managing vulnerability scanning tools (Qualys, Rapid7, Nessus, etc)
• Ability to participate in security compliance efforts (HIPAA, ISO27001, HITRUST, etc.)
• Ability to participate in tier 2 and tier 3 security operations support
• Ability to participate in security incident handling
• Ability to participate in projects that develop new intellectual property
• Experience identifying and quantifying risks within networks as well as mitigating risks
• Ability to complete tasks and deliver professionally written reports for clients and management
• Ability to present findings to technical staff and executives
• Must have good written and verbal communication skills, good documentation skills, good organizational skills and good interpersonal skills to partner with a diverse group of skilled technicians and engineers.

Working Environment / Physical Environment

• This position works onsite
• Must possess mobility to work in a standard office setting and to use standard office equipment, including a computer.
• Lift and carry materials weighing up to 20 pounds.

This position is eligible for a discretionary bonus and equity award. The hourly base pay range for this position is below. The specific rate will depend on the successful candidate’s qualifications, prior experience as well as geographic location.

$125,000.00 (entry-level qualifications) to $160,000.00 (highly experienced) annually

The application window is anticipated to close on 60 days from when it is posted or sooner if the position is filled or closed.

ImmunityBio employees are as valuable as the people we serve. We have built a resource of robust benefit offerings to best support the total wellbeing of our team members and their families. Our competitive total rewards benefits package, for eligible employees, include: Medical, Dental and Vision Plan Options • Health and Financial Wellness Programs • Employer Assistance Program (EAP) • Company Paid and Voluntary Life/AD&D, Short-Term and Long-Term Disability • Healthcare and Dependent Care Flexible Spending Accounts • 401(k) Retirement Plan with Company Match • 529 Education Savings Program • Voluntary Legal Services, Identity Theft Protection, Pet Insurance and Employee Discounts, Rewards and Perks • Paid Time Off (PTO) includes: 11 Holidays • Exempt Employees are eligible for Unlimited PTO • Non-Exempt Employees are eligible for 10 Vacation Days, 56 Hours of Health Pay, 2 Personal Days and 1 Cultural Day •  We are committed to providing you with the tools and resources you need to optimize your Health and Wellness.

At ImmunityBio, we are an equal opportunity employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law.

ImmunityBio is a mandatory vaccination employer for COVID-19 and its variants.   The Company requires that its employees be fully vaccinated as of their start date.  If you require a medical or religious accommodation we will engage in the interactive process with you.  Proof of vaccination will be required prior to start.  If we make you an offer and you are not yet vaccinated, we will accommodate a delay in start date.  ImmunityBio may also mandate that its employees receive vaccine boosters, and all accommodation laws will be followed.