We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Remote New
BioCryst Pharmaceuticals jobs

Manager, Cybersecurity

BioCryst Pharmaceuticals
United States
Apr 07, 2026

COMPANY:

At BioCryst, we share a deep commitment to improving the lives of people living with hereditary angioedema (HAE) and other rare diseases. We leverage our expertise in structure-guided drug design to develop first-in-class or best-in-class oral small-molecule and injectable protein therapeutics, led by the efforts of our team of expert scientists in our Discovery Center of Excellence in Birmingham, Alabama. Our global headquarters is in Durham, North Carolina and our employees span the globe across sites in multiple countries. We are proud of our culture of engagement and accountability that rewards people for innovative thinking and achievement of key objectives. For more information, please visit our website at www.biocryst.com or follow uson LinkedInand Instagram.

JOB SUMMARY:

We are seeking a hands-on Cybersecurity Manager to join our high-impact Information Security team. In this role, you will oversee and direct security operations while remaining deeply engaged as a playercoach, responsible for technical oversight, prioritization, and execution of efforts to engineer, operate, and mature BioCryst's security program. You will work closely with the Executive Director of Information Security & Risk Management to translate cybersecurity strategy into operational initiatives, maintain compliance with industry frameworks, and ensure effective day-to-day security operations and incident response readiness.

A key dimension of this role is cross-functional collaboration, you will serve as a trusted security partner to business stakeholders across IT, Legal, HR, Finance, and Research & Development, helping embed security into business processes through risk-based guidance and practical control design. You will also play an active role in managing and governing relationships with external vendors and managed service providers (MSPs/MSSPs), including defining scope and expectations, overseeing service delivery, evaluating performance against SLAs and KPIs, and ensuring alignment with BioCryst's security standards, risk tolerance, and contractual obligations. This role is accountable for escalating material risks, driving remediation decisions, and ensuring vendordelivered services measurably reduce organizational risk. #LI-REMOTE

ESSENTIAL DUTIES & RESPONSIBILITIES:

Risk, Compliance & Stakeholder Collaboration

  • Act as a primary cybersecurity liaison to business stakeholders (Product, Legal, Compliance, Risk, Finance, Operations), enabling risk-informed decision making.
  • Translate business objectives and constraints into actionable security controls, prioritized remediation plans, and risk ownership models.
  • Lead management oversight of security risks and findings, including remediation tracking, timeline accountability, and residual risk acceptance.
  • Support audit, regulatory, and customer assurance activities through control design, evidence review, and remediation planning.
  • Develop and maintain security standards, technical guidance, and documentation to enable consistent control adoption across teams.
  • Escalate cybersecurity risks to senior leadership with clear context, options, and recommended actions.

Leadership & Continuous Improvement

  • Oversee Managed Security Service Providers (MSSPs) by defining scope, performance metrics, governance rhythms, and continuous assurance of service quality and risk posture.
  • Drive continuous improvement of the cybersecurity program through automation, process optimization, and technical innovation.
  • Act as a trusted advisor and subject matter expert, providing guidance to engineers, leaders, and cross-functional departments such as legal, HR, finance.
  • Partner with internal communications and training teams to deliver clear, effective security awareness content and targeted education for employees and contractors.

Security Operations

  • Oversee day-to-day security operations, including monitoring, alert triage, and incident response across enterprise, cloud, and SaaS environments.
  • Serve as a senior escalation point for security incidents, providing technical oversight, decision support, and remediation guidance.
  • Establish and monitor operational standards, SLAs, and KPIs for detection, response, and recovery, continuously improving effectiveness and resilience.
  • Manage incident response planning, tabletop exercises, and post-incident reviews, ensuring root cause analysis, corrective actions, and executive-ready reporting.
  • Design and enforce secure usage of AI technologies within security operations, mitigating data exposure and misuse risks while leveraging AI to improve alert triage, threat analysis, and automation.

Security Engineering & Architecture Oversight

  • Provide technical and architectural support for security controls across endpoints, networks, cloud platforms, and SaaS environments.
  • Guide the design and maintenance of security tooling integrations and telemetry pipelines that support high-quality detection, response, and analysis.
  • Conduct security architecture reviews for new systems, products, and third-party services, aligned with industry best practices and internal standards.
  • Ensure alignment with recognized security frameworks (e.g., NIST, Zero Trust) and evolving organizational risk posture.
  • Stay current on emerging threats, attack techniques, and defensive technologies, translating external intelligence into strategic and operational improvements.

REQUIRED EDUCATION/EXPERIENCE/SKILLS:

  • Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience.
  • 5+ years of experience in cybersecurity engineering, security operations, or related technical roles.
  • Demonstrated hands-on experience implementing and operating security controls in enterprise environments.
  • Proven experience collaborating with cross-functional and business stakeholders to deliver security outcomes.
  • Experience in a publicly traded, regulated industry preferably in biotech, pharma, or life sciences.
  • Experience and comfort communicating across all levels of the organization including senior leadership.
  • Strong customer service skills to engage with internal stakeholders across all levels of the organization.
  • Strong communication and stakeholder engagement skills.
  • Certifications such as CISSP, CISM, CRISC, or CISA preferred.

The statements in this position description are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. The manager may assign additional responsibilities and assignments from time to time.

BioCryst is an equal opportunity employer and is committed to providing equal employment opportunities without regard to age, race, religion, sex, sexual orientation, gender identity, national origin, Veterans status, disability and/or other protected class characteristics. Additionally, BioCryst is committed to achieving its business objectives in compliance with all federal, state and local law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-dffwj)