Associate Director, Cybersecurity
Company: Insmed Incorporated
Location: Bridgewater
Posted on: January 15, 2026
|
|
|
Job Description:
At Insmed, every moment and every patient counts — and so does
every person who joins in. As a global biopharmaceutical company
dedicated to transforming the lives of patients with serious and
rare diseases, you’ll be part of a community that prioritizes the
human experience, celebrates curiosity, and values every person’s
contributions to meaningful progress. That commitment has earned us
recognition as Science magazine’s No. 1 Top Employer for five
consecutive years, certification as a Great Place to Work® in the
U.S., and a place on The Sunday Times Best Places to Work list in
the UK. For patients, for each other, and for the future of
science, we’re in. Are you? About the Role: Reporting to the Senior
Director, Cybersecurity and Risk Management, the Associate Director
of Cybersecurity will be responsible for information security
operations, to include planning and operation of cybersecurity
tools, applications, and business intelligence. The selected
candidate will assist in developing, implementing, overseeing, and
optimizing the organization's cybersecurity program (tools,
technologies, methodologies) to ensure that information security
policies, standards and practices are in place to manage risk to
the enterprise effectively. This mid-level leadership position will
also assist in driving the tactical direction of Insmed’s
cybersecurity program to define and deliver reliable, secure, and
scalable network systems, processes, and other services. Ideal
candidates for this position will be hands-on leaders, able to do
the work as well as accomplish results through others, in addition
to demonstrating strong coaching, mentorship, and career
development skills. What You'll Do: In this role,you’llhave the
opportunity to lead and mentor the Cybersecurity team creating a
culture that fosters engagement, passion, and enthusiasm for
Insmed’s vision, mission, and values. You’llalso: Build and mature
a culture focused on proactive risk management and cyber security
best practices. Participate in the development of Insmed’s IT
strategy as it relates to cybersecurity; implement and
operationalize the strategy. Collaborate with the Senior Director
on a strategy for building management support and ownership of
cybersecurity. Responsible for developing, implementing, and
executing information security and vulnerability assessments,
testing applications, systems, and infrastructure to ensure
appropriate protection of sensitive customer and company
information; perform risk analysis and recommends remediation for
deficiencies. Track and reassess remediation(s) to ensure
compliance with policies and operational standards. To
appropriately manage the program and enterprise risk, leverage
cyber security metrics. Research and benchmark industry-leading
security practices and tools, validating the organization is
protected with industry-leading security solutions and services.
Examine new technologies’ impact on the organization's overall
information security posture. Establish processes to review new
technologies and ensure security compliance. Responsible for
developing, implementing, and executing company-wide/departmental
information security training and awareness programs. Manage
production technology incidents to resolution, ensuring timely
engagement, escalation, and effective communication to business,
technology, and vendor partners. Develop, implement, maintain, and
oversee Insmed’s cybersecurity program ensuring Insmed can identify
and detect threats, and protect, respond, and recover from threats
and incidents. In collaboration with Senior Director, work with and
actively engage security service providers to deliver necessary
services and manage contract requirements and service level
agreements. Execute security management tasks including the
monitoring, installation, and activation of malicious software
protection tools, applying security protocols to network
connectivity, managing user identities and logical access, and
providing security data as needed when investigations arise.
Develop, implement, maintain, and oversee enforcement of policies,
procedures, and associated plans for system security administration
and user system access based on industry-standard best practices.
Develop, implement, and test the IT elements in the Business
Continuity Plan (BCP) and Disaster Recovery Plan (DRP). Responsible
for developing, implementing, and executing a comprehensive set of
security standards and guidelines, including but not limited to
cybersecurity operations, incident response, vulnerability
management, network security, data protection, and loss, endpoint
security, compliance program, and identity and access management.
Ensure program standards comply with applicable State and Federal
regulatory requirements. Who You Are: You have a minimumof an
undergraduate degree in Computer Science, Management Information
Systems, Business, or related field as well as 15 years’ experience
in IT/Cybersecurity. You are or you have: 10 years’ experience
developing, managing, and directing cybersecurity operations with
planning and development requirements, to include assessing
effectiveness of such programs. 10 years’ experience leading a team
of highly skilled technical professionals. 5 years’ of leading
information security risk assessments, vendor risk management
programs, developing information security awareness and education
programs, and managing information technology or security projects.
5 years’ of effectively managing a Cybersecurity team. Advanced
knowledge of systems design methodologies & development, including
core infrastructure and enterprise-wide applications, as well as
online applications, and web-based systems, voice and data
communications technologies, security frameworks & methodologies,
open architecture systems, common programming languages,
open-source software, business intelligence, and data analytics.
Expertise in cybersecurity regulatory, compliance, and framework
requirements, such as NIST, HITRUST, CIS, and ISO. Experience
working with Security Incident and Event Management (SIEM) tools,
endpoint detection and response tools, vulnerability management
suites, and various security solutions. Experience with the
following cyber security domain areas: Data encryption (rest,
transit, memory) Public Key Infrastructure (PKI) key management
systems Application security (secure coding, shift left) Identity
and access management program (MFA, SSO, LCM, IGA) Data handling
and classification Firewalls Network segmentation Cyber resiliency
Data loss prevention Strong knowledge of operating system,
application, network, and database security architectures. Proven
ability to effectively utilize techniques designed to reduce
frequency, duration, and impact of common business disruptions
particularly as they relate to branch/contact center operations,
electronic services, and telecommunications. Strong verbal and
written communications skills including the ability to explain
technical concepts and technologies to business leaders and senior
executives. Strong leadership, inter-personal, and collaboration
skills. Proven ability to increase employee engagement, build,
retain, and manage a highly skilled and motivated team. In-depth
knowledge of IT and cybersecurity practices/trends in the biopharma
and/or financial services industry and operating policies. Strong
project management skills and a track record of successfully
managing change, process improvement, and operational performance.
Ability to collaborate, build relationships, and influence
individuals at all levels within the organization and strong vendor
management skills. Strong budget management skills and ability to
develop and obtain approval for significant business cases. This
position is required to work weekends and nights as necessary to
ensure network availability and to support after regular business
hours deployment of new systems, patches, fixes, and/or other
enhancements. Preferred Qualifications: Certifications – GIAC
Security Essentials, GIAC Security Leadership, ISACA CISM, MCSE:
Security, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP, CCISO, CISA, or
CRISC. Expertise in cybersecurity frameworks, organizational
profiles, and gap analysis processes. Experience with CI/CD
security integration and DevSecOps practices. Knowledge of cloud
security, container security, and Infrastructure-as-Code (IaC)
security. Security automation experience (SAST, DAST). LI-EG1
hybrid Pay Range: $164,000.00-213,000.00 Annual Life at Insmed At
Insmed, you’ll find a culture as human as our mission—intentionally
designed for the people behind it. You deserve a workplace that
reflects the same care you bring to your work each day, with
support for how you work, how you grow, and how you show up for
patients, your team, and yourself. Highlights of our U.S. offerings
include: Comprehensive medical, dental, and vision coverage and
mental health support, annual wellbeing reimbursement, and access
to our Employee Assistance Program (EAP) Generous paid time off
policies, fertility and family-forming benefits, caregiver support,
and flexible work schedules with purposeful in-person collaboration
401(k) plan with a competitive company match, annual equity awards,
and participation in our Employee Stock Purchase Plan (ESPP), and
company-paid life and disability insurance Company Learning
Institute providing access to LinkedIn Learning, skill building
workshops, leadership programs, mentorship connections, and
networking opportunities Employee resource groups, service and
recognition programs, and meaningful opportunities to connect,
volunteer, and give back Eligibility for specific programs may vary
and is subject to the terms and conditions of each plan. Current
Insmed Employees: Please apply via the Jobs Hub in Workday. Insmed
Incorporated is an Equal Opportunity employer. We do not
discriminate in hiring on the basis of physical or mental
disability, protected veteran status, or any other characteristic
protected by federal, state, or local law. All qualified applicants
will receive consideration for employment without regard to sex,
gender identity, sexual orientation, race, color, religion,
national origin, disability, protected Veteran status, age, or any
other characteristic protected by law. Unsolicited resumes from
agencies should not be forwarded to Insmed. Insmed will not be
responsible for any fees arising from the use of resumes through
this source. Insmed will only pay a fee to agencies if a formal
agreement between Insmed and the agency has been established. The
Human Resources department is responsible for all recruitment
activities; please contact us directly to be considered for a
formal agreement. Insmed is committed to providing access, equal
opportunity, and reasonable accommodation for individuals with
disabilities in employment, its services, programs, and activities.
To request reasonable accommodation to participate in the job
application or interview process, please contact us by email at
TotalRewards@insmed.com and let us know the nature of your request
and your contact information. Requests for accommodation will be
considered on a case-by-case basis. Please note that only inquiries
concerning a request for reasonable accommodation will be responded
to from this email address. Applications are accepted for 5
calendar days from the date posted or until the position is
filled.
Keywords: Insmed Incorporated, Bloomfield , Associate Director, Cybersecurity, IT / Software / Systems , Bridgewater, New Jersey
