Senior Manager, Cyber Security Operations

Ardelyx

Waltham, MA

Apply

JOB DETAILS

SALARY

$175,000–$213,000 Per Year

JOB TYPE

Full-time

SKILLS

Amazon Web Services (AWS), Automation, CCSP - Cisco Certified Security Professional, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Coaching, Communication Skills, Computer Science, Computer Security, Continuous Improvement, Cross-Functional, Ecosystems, Employee Benefits, Endpoint Security, Establish Priorities, GCIH - GIAC Certified Incident Handler, HIPAA (Health Insurance Portability and Accountability Act), Health Plan, Hybrid Cloud, ISO (International Organization for Standardization), Identity Data Management, Incentive Programs, Incident Management, Incident Response, Information Technology/Systems Audit, Information/Data Security (InfoSec), Insurance, Internet Security, Leadership, Legal Support Skills, Mentoring, Metrics, Microsoft Access Database, Microsoft Office, Microsoft Product Family, Microsoft Windows Azure, Operations Security (OPSEC), Policy Development, Prescription Drugs, Process Improvement, Protocol Independent Multicast (PIM), Regulatory Compliance, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Security Analysis, Security Information and Event Management (SIEM), Security Infrastructure, Security Policy, Software as a Service (SaaS), Team Lead/Manager, Team Player, Technical Leadership, Technical Support, U.S. National Institute of Standards and Technology (NIST)

LOCATION

Waltham, MA

POSTED

3 days ago

Ardelyx is a commercial-stage biopharmaceutical company focused on redefining treatment approaches for patients with significant unmet medical needs. By combining scientific innovation with a collaborative, purpose-driven culture, we strive to create meaningful impact for patients. Team Ardelyx is united by a shared mission and guided by our core values: Passionate, Fearless, Dedicated, and Inclusive. We foster an inclusive environment where employees are respected, supported, and empowered to make an impact — both within our company and in the lives of patients we serve.This is a hybrid role (2-3 days in office) at our Waltham, MA headquarters.Position Summary:The Senior Manager, Cyber Security Operations is a hands-on leader responsible for building, operating, and continuously improving Ardelyx's security operations capabilities. This role combines technical execution with leadership, requiring a "player-coach" who can both lead the function and actively engage in day-to-day security operations - not a purely strategic role.This is a greenfield opportunity. As Ardelyx transitions from a managed service provider (MSP) model to an internally operated IT and security organization, this individual will help build the security operations function from the ground up. The right candidate thrives in build environments, is energized by consolidating a fragmented security stack onto a modern Microsoft-centric platform, and can operate effectively both as an individual contributor and as a team leader. This role provides operational direction for security operations while ensuring the confidentiality, integrity, and availability of corporate systems, data, and cloud environments. The ideal candidate brings deep technical expertise, operational discipline, and practical leadership, with the ability to communicate effectively with executives, auditors, engineers, and cross-functional teams.Responsibilities:Lead and actively participate in security incident detection, investigation, and response across endpoint, identity, cloud, and SaaS environments including hands-on alert triage, log analysis, and threat intelligence reviewLead incident response coordination with Legal, HR, Compliance, and Communications; own post-incident reviews and drive continuous improvement of response processesEstablish and track key operational metrics (MTTD, MTTR, incident trends) and continuously tune detection rules, playbooks, and SOAR automation to reduce noise and improve signal fidelityOwn and mature the Microsoft security ecosystem - Defender XDR, Microsoft Sentinel (SIEM/SOAR), and Purview - driving integration, automation, and unified detection and response across the environmentDesign and optimize security controls across endpoint (EDR/XDR), identity (Entra ID, MFA, Conditional Access), Azure, AWS, and SaaS applications; lead vulnerability management operations including scanning, prioritization, and remediation trackingConsume and operationalize threat intelligence, integrating indicators into Sentinel detection rules; develop SOAR playbooks via Logic Apps to reduce manual effort and accelerate responseInitially operate as a hands-on individual contributor while building and mentoring a team of 2 security engineers over the next 3–4 months; provide technical guidance and escalation support on complex issuesEnsure effective prioritization and coverage across security operations, fostering a culture of operational discipline, continuous learning, and security awarenessExecute against the cybersecurity roadmap in alignment with business objectives; identify control gaps and implement scalable, practical improvements aligned with the organization's risk tolerancePartner with Legal, Compliance, and IT to support audits, risk assessments, and regulatory requirements including NIST CSF 2.0, ISO 27001, SOC 2, and HIPAA; contribute to security policy development and enforcementSupport third-party risk management, vendor security evaluations, and security platform consolidation efforts to reduce complexity and operational costQualifications:Bachelor’s degree in Information Security, Computer Science, or related field8+ years of progressive cybersecurity experience, with strong focus on security operations and engineering or equivalent experienceProven hands-on experience with the Microsoft security stack: Defender for Endpoint, Defender for Identity, Defender for Office 365, and Microsoft SentinelDemonstrated experience with identity and access management: Microsoft Entra ID, MFA, Conditional Access, and Privileged Identity Management (PIM)Cloud security experience in Azure (required) and AWS (a plus); ability to monitor and respond to threats across hybrid cloud environmentsExperience leading or building security operations programs including SIEM, vulnerability management, and security automation in an enterprise environmentFamiliarity with compliance frameworks including NIST CSF, ISO 27001, SOC 2, and HIPAAPrior experience in a player-coach capacity — comfortable both leading a team and rolling up sleeves on technical executionStrong communication skills with the ability to translate technical risk into business impact for executive and non-technical audiencesRelevant certifications preferred (CISSP, CISM, CRISC, CCSP, GCIH, etc.)The anticipated annualized base pay range for this full-time position is $175,000-$213,000 Ardelyx utilizes industry data to ensure that our compensation is competitive and aligned with our industry peers. Actual base pay will be determined based on a variety of factors, including years of relevant experience, training, qualifications, and internal equity. The compensation package may also include an annual bonus target and equity awards, subject to eligibility and other requirements. Ardelyx also offers a robust benefits package to employees, including a 401(k) plan with generous employer match, 12 weeks of paid parental leave, up to 12 weeks of living organ and bone marrow leave, equity incentive plans, health plans (medical, prescription drug, dental, and vision), life insurance and disability, flexible time off, annual Winter Holiday shut down, and at least 11 paid holidays. Ardelyx is an equal opportunity employer.

About the Company

Ardelyx

Resume Resources

Free Resume Templates Free Resume Builder