Information Systems Security Manager (ISSM)

Job Title: Information Systems Security Manager (ISSM)

Location: Onsite in Boulder, CO

About Our Company

Foresight Diagnostics is an early-stage, venture-backed molecular diagnostics company that is developing non-invasive cancer detection technologies to improve the lives of patients worldwide. Our portfolio of cell-free DNA based liquid biopsy tests are rooted in novel and proprietary methods developed at Stanford University. Our approach enables the earlier detection of smaller tumors, leading to more personalized and effective cancer treatment strategies for patients. We have deep expertise in molecular biology, bioinformatics, and Next Generation Sequencing (NGS), and maintain a dynamic, fast-paced work environment with significant opportunities for high-impact contribution and rapid professional growth. Foresight Diagnostics is headquartered in Boulder, Colorado.

About The Role

The Information Systems Security Manager (ISSM) leads the information security strategy and operations within in our highly regulated life sciences environment. Reporting to the Head of Information technology, this role is critical in safeguarding sensitive data, intellectual property, and clinical information while ensuring compliance with global regulatory standards.

What You Will Do

• Development and Governance of Security Policies and Procedures including audit readiness.

• Formulate and enforce security policies to protect corporate data and IT infrastructure.

• Ensure compliance with industry standards and regulations including ISO 13485, CAP, CLIA, ISO 27001 audits.

• Regularly update security protocols to address emerging threats.

• Lead the development and execution of the organization’s information security program.

• Ensure compliance with regulatory frameworks such as HIPAA, FDA Cybersecurity Guidance on Medical Devices, and EU MDR.

• Perform GRC functions to meet complex compliance requirements.

• Oversee risk assessments, incident response, and vulnerability management across enterprise IT, Research and Development, and laboratory operations.

• Manage and enhance security monitoring, detection, and response systems (e.g., SIEM, endpoint security).

• Drive vendor risk management and ensure third-party partners meet security requirements.

• Conduct regular risk assessments to identify vulnerabilities within the IT environment.

• Creation of SOPs related to security operations.

• Implement risk mitigation strategies and continuously monitor their effectiveness.

• Educate employees and promote a culture of security awareness across the organization.

• Perform periodic internal security assessment activities.

• Develop and manage an incident response plan to address security breaches promptly.

• Coordinate with IT and other departments to resolve security issues and minimize impact.

• Conduct post-incident analysis to improve future responses.

• Report on security posture, risks, and incidents to leadership and regulatory auditors.

• Support business continuity and disaster recovery planning.

• Technical Proficiency: In-depth knowledge of cybersecurity principles, tools, and technologies.

• Leadership: Ability to lead and inspire a team of cybersecurity professionals.

• Strategic Planning: Capability to develop and execute long-term security strategies.

• Adaptability: Flexibility to adapt to the rapidly changing cybersecurity landscape.

• Attention to Detail: Keen eye for identifying vulnerabilities and ensuring thorough risk management.

• Lead security related projects and deliverables for security as well as external department projects.

• Develop, oversee and/or participate in organization wide BC, DR, and BR requirements.

What You Will Bring

• Bachelor’s degree in Computer Science, Information Security, or related field required,(Master’s preferred).

• This role will be required to perform ~30-40% hands on of security tooling.

• Understanding of eQMS system and requirements.

• CISSP certification required; additional certifications (CISM, CISA, CCSP) a plus.

• 5+ years of information security experience, including 2+ years in a leadership role.

• Strong background in life sciences, biotech, or pharmaceutical industries preferred.

• Expertise with regulatory requirements and standards: HIPAA, FDA, ISO 27001, NIST CSF.

• Hands-on experience with security tools and technologies (SIEM, IAM, encryption, DLP, IR).

• Proven ability to manage cross-functional security initiatives and external vendors.

• Excellent communication skills to engage both technical and executive teams.

Physical and Mental Requirements, Working Conditions

• Learn new tasks, remember processes, maintain focus, complete tasks independently, make timely decisions in the context of a workflow, ability to communicate with others, ability to complete tasks in situations that have a speed or productivity quota.

• Predominantly operates in an office environment. Some periods of time may be spent in computer room and communications equipment spaces for installation, testing, and troubleshooting. Some work (less than 5%) requires moving and lifting of heavy networking equipment. This position requires close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal; extensive reading.

• This is an essential position supporting clinical laboratory operations requiring attendance on weekends, holidays, and during emergency conditions, such as inclement weather and power failure.

• This position requires the ability to identify and resolve quality issues.

• This position is a full-time, in-person position in Boulder, CO.

Compensation and Benefits

This role is hiring at an annual salary of $170,000 - $195,000 and is eligible for bonus and equity offerings.

Foresight offers benefits including paid vacation, sick time, and parental leave (if applicable), alongside medical, dental, vision, life, disability coverage, flexible spending accounts, and a 401k with company match.

You will be working on interesting problems with extremely high impact. We promote the professional development of our employees and will encourage upward mobility within the company for high performing employees. Foresight Diagnostics is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.