Director, Information Security - Governance, Risk & Compliance (GRC)

What would it take to do the best work of your career? 

If you made a list of all the things your perfect job would have, what would be on it? Would it include a mission that truly justified the word “mission?” Would it involve being part of one of the best scientific research and production labs in the world creating petabytes of insight-rich data? Would it be a place filled with smart people all trying to help you do the best work of your career? Would it have leadership that could see an almost science fiction-like future and was looking to you to get there?

Recursion is the clinical-stage biotechnology company industrializing drug discovery by decoding biology. Recursion leverages sophisticated machine-learning algorithms to distill from its dataset the Recursion Map, a collection of hundreds of billions of searchable inferences across biology and chemistry unconstrained by human bias.

The Impact You’ll Make

• Implement a GRC program that ensures appropriate risk identification and management of Information security risks.
• Lead organizational efforts to accomplish SOC2 Type II, ISO 27001 and other certifications and attestations that demonstrate assurance internally within the organization and externally with Partners.
• Implement Information security policies, procedures and standards, for applications and infrastructure.
• Implement a Third-Party Risk Management program to address third-party and supplier risks.
• Explore new security threats, the technology controls and tactics required to mitigate those threats.
• Track, remediate and report on risks and guide risk reduction through the GRC system.

The Team You'll Join

You will join a growing IT and Information Security team at Recursion, focused on enabling Recursion to decode biology by providing world class technology services that are designed and fit for purpose. You'll collaborate with your teammates and across departments to agree on what the most important challenges and capabilities are, then figure out how to get us there.

The Experience You'll Need

• Convey security concepts to non-technical audiences (e.g. senior and executive management, internal customers)
• See the bigger picture of overall Information Security and understand Security Architecture and GRC's impact on it
• Understand system vulnerabilities, attack surfaces, attack vectors and tactics used in modern cyber attacks
• Ongoing familiarity with new and prevalent technologies and IT systems
• At least 10 years of relevant IT Security experience and two or more relevant certifications (i.e. CISSP, CISM etc.)
• Assessing cloud security, leading cross functional project teams, access control operations along with strong technical expertise are highly desirable
• Have strong analytical, problem solving and critical thinking skills and the ability to support decisions that balance cybersecurity with ease-of-use
• Experience leading security project through influence, collaboration, and coalition-building; and very comfortable in situations requiring constrained creativity to insure we are securing business systems and data
• Understand and own every important detail as second nature

#LI-BW1

The Values That We Hope You Share:

• We Care: We care about our drug candidates, our Recursionauts, their families, each other, our communities, the patients we aim to serve and their loved ones. We also care about our work.
• We Learn: Learning from the diverse perspectives of our fellow Recursionauts, and from failure, is an essential part of how we make progress.
• We Deliver: We are unapologetic that our expectations for delivery are extraordinarily high. There is urgency to our existence: we sprint at maximum engagement, making time and space to recover. 
• Act Boldly with Integrity: No company changes the world or reinvents an industry without being bold. It must be balanced; not by timidity, but by doing the right thing even when no one is looking.
• We are One Recursion: We operate with a 'company first, team second' mentality. Our success comes from working as one interdisciplinary team.

Recursion spends time and energy connecting every aspect of work to these values. They aren’t static, but regularly discussed and questioned because we make decisions rooted in those values in our day-to-day work. You can read more about our values and how we live them every day here.

Recursion requires all employees to be fully vaccinated for COVID-19 prior to their first date of employment.

More About Recursion 

Central to our mission is the Recursion Operating System, or Recursion OS, that combines an advanced infrastructure layer to generate what we believe is one of the world’s largest and fastest-growing proprietary biological and chemical datasets and the Recursion Map, a suite of custom software, algorithms, and machine learning tools that we use to explore foundational biology unconstrained by human bias and navigate to new biological insights which may accelerate our programs. We are a biotechnology company scaling more like a technology company. Recursion is proudly headquartered in Salt Lake City. 

Learn more at www.recursion.com, or connect on Twitter and LinkedIn.

Recursion is an Equal Opportunity Employer that values diversity and inclusion.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected under applicable federal, state, local, or provincial human rights legislation.