Manager, IT Security Operations

The Company:
With deep expertise in chemistry, Nuvalent is working to create selective medicines designed with the goal to address the needs of patients with cancer.  Nuvalent is an exciting early-stage company, bringing together experienced scientists and industry veterans with a proven track record in drug discovery, oncology drug development, and company building. 

The Role:

Reporting to the Director, Cybersecurity and Compliance, the Manager, IT Security Operations is responsible for managing activities relating to monitoring and responding to security events, working across multiple technology platforms, and interfacing with various groups within IT, as well as partners and vendors. The role requires technical competence, experience managing diverse technologies, familiarity with recent threats and adversarial techniques, and excellent communication skills at both staff and executive levels.

Responsibilities:

• Conducts threat monitoring and analysis using various threat detection, investigation and response capable tools, such as security information and event management (SIEM) and extended detection and response (XDR) platforms.
• Build and maintain security infrastructure, architecture, and system performance.
• Conducts multi-telemetry based threat investigations to identify cyber threats coming both internally and externally of the organization.
• Triages alerts from detection platforms, identifying and removing false positive issues and escalating genuine identified attacks.
• Documents formal, technical incident reports for review by the Director, Cybersecurity and Compliance.
• Provides infrastructure teams with incident support, including mitigating actions to contain activity and advisory for remedial actions.
• Carries out root cause analysis and investigations to advise on prevention mechanisms and configuration changes.
• Works with Threat Intelligence vendors to research emerging threats and exploits to aid in the discovery of incidents.
• Maintains knowledge of latest security technologies and mitigations.
• Carries out analysis and testing for the purposes of identifying vulnerabilities, misconfigurations or other exposures, and the validation of user policies.
• Perform SIEM analysis and ticket handling per service level expectations.
• Create documentation for operational processes.
• Be available for on-call rotation and 24x7x365 support as needed.

 Competencies:

• Communicates clearly and effectively with individuals at all levels of the organization.
• Listens actively and adapts messaging to suit different audiences and situations.
• Builds productive working relationships across teams and functions.
• Approaches complex problems in a structured, thoughtful manner.
• Effectively plans, prioritizes, and manages multiple responsibilities.
• Ability to manage stress, lead effectively, maintain integrity, and adapt in a constantly changing environment.
• Makes sound, timely decisions using available information and professional judgment.
• Balances short-term needs with long-term objectives, even under pressure or ambiguity.

 Qualifications:

• 3-5 years of information security monitoring and response or related experience.
• Bachelor’s degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent practical experience.
• CompTIA CYSA+, CompTIA Security+ and/or SANS certifications a plus
• Experience managing third-party service providers or MSSPs is a plus.

 Additional Information:

Nuvalent is committed to fair and equitable compensation practices, aiming to provide employees with competitive total rewards packages.

The targeted salary range below reflects what Nuvalent reasonably and in good faith expects to offer for this position at the time of posting, but the final salary determination may be within or outside this range based on various factors, including, but not limited to, experience, skills, education, and market factors.  The range will be reviewed regularly and is subject to change.

Nuvalent also offers a comprehensive benefit package to support our employees at each stage of their career, financial, health, and well-being journey, including medical, dental, and vision insurance, 401(k) retirement savings plan, generous paid time off (including a summer and winter company shutdown), and much more.

Nuvalent provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to religion, race, creed, color, sex, sexual orientation, alienage or citizenship status, national origin, age, marital status, pregnancy, disability, veteran or military status, predisposing genetic characteristics or any other characteristic protected by applicable federal, state or local law.

Nuvalent is aware that many companies are dealing with fraudulent job postings on third-party employment search sites and/or individual(s) or entities claiming to be employees of such companies. Those involved are offering fraudulent employment opportunities to applicants, often asking for sensitive personal and financial information, and using such information for criminal activities.

Please be advised that all legitimate correspondence from a Nuvalent employee will come from "@nuvalent.com" email accounts. Automated system response emails from our Greenhouse applicant tracking system come from a “no-reply@greenhouse.io” email address. There are no variations of these email addresses and Nuvalent would not request personal and/or financial information via email. Job opportunities would only be extended after a completed job application is submitted by a candidate and a thorough interview process including 1:1 and/or group interviews via phone, video conferencing and/or in-person.

If you believe you have been contacted by anyone misrepresenting themselves as an employee of Nuvalent, please contact Nuvalent at 857-357-7000. Thank you.