Associate Director, Cyber Security

VN796

Permanent

Gaithersburg, MD, Radnor, PA, Oxford, UK

Information Technology

As part of IT Operations, the Associate Director of Cyber Security’s primary responsibility is to lead and manage Immunocore’s cyber security strategy and day-to-day cyber security operations. This is a hands-on position and involves leveraging our Cisco security suite to develop and implement comprehensive security layers, policies, procedures, and protocols aimed at protecting our digital assets and employees from modern cyber threats.

The primary purpose of this role is to leverage emerging expertise and subject matter knowledge in Cyber Security to address significant and unique complex issues, aligning work with the wider Immunocore’s strategy. The individual will interpret internal and external business challenges, recommend best practices, and identify new solutions to improve products and processes. They will make timely, tough decisions, effectively dealing with ambiguity and limited information.

Key Responsibilities:

Design and implement comprehensive, layered security architecture across on-premises, Azure, and AWS environments - including endpoint, network, identity, cloud, and data security controls.

Monitor external cyber security, regulatory, and technology developments to identify risks, opportunities, and improvement priorities for the business.

Own the SIEM platform - including use case development, alert tuning, log source onboarding, and ensuring coverage across cloud and on-premises environments.

Develop and maintain SOAR playbooks to automate detection and response workflows, reducing mean time to respond (MTTR).

Integrate threat intelligence feeds and use them to proactively tune detection logic and inform risk decisions.

Conduct and manage vulnerability assessments and penetration testing programmes, tracking remediation to closure.

Assisting in design and architecture of our Global IT infrastructure and Cyber Security solutions, ensuring they meet business requirements, scalability needs, industry, and security standards.

Continuously optimise infrastructure to enhance security, while adhering to industry standards and compliance requirements.

Drive continual improvement of cyber governance, assurance, and control effectiveness across the organisation.

Deploy and maintain complex backend security infrastructure and products across various environments, including on-premises, Azure, and AWS.

Oversee Linux and Windows infrastructure security hardening, aligned to CIS benchmarks and internal standards.

Investigating and resolving complex cyber alerts, technical issues and incidents related to our environment. Participating in on-call rotations as required providing timely response to critical incidents.

Manage Immunocore’s relationship with the external SOC provider, defining SLAs, escalation paths, and reporting cadence, and ensuring value is being delivered.

Own and maintain Immunocore’s cyber security strategy, roadmap, and policies, ensuring they are aligned to business objectives and relevant regulatory frameworks (ISO 27001, NIST, GDPR, GxP, Cyber Essentials).

Design and deliver a security awareness programme that engages employees at all levels - including phishing simulations, targeted training, and management reporting.

Act as a trusted advisor to the business on security matters, balancing risk management with operational pragmatism.

Lead functional teams or projects, serving as a best practices resource, and providing guidance, coaching, and mentorship to professional and managerial employees.

Supervisory Responsibility (If applicable):

Supervise external Cisco SOC and provide guidance/mentorship engineers within the IT team.

Support and manage one Cyber Security Engineer.

Education, Experience and Knowledge:

Essential Qualifications:

Bachelor’s degree in Cyber Security, Information Security, Computer Science, or a related field with a minimum of 4 years in a senior cyber security role (L3+), with demonstrated experience leading security operations, strategy, and incident response.

Hold a current recognised security certifications such as CISSP, CISM, CISA, or CCNP Security.

Proven experience owning and operating SIEM, SOAR, EDR, and vulnerability management platforms in a multi-cloud (Azure/AWS) and on-premises environment.

Strong knowledge of security frameworks and regulatory compliance (ISO 27001, NIST, GDPR, Cyber Essentials) with experience developing and maintaining security policies, roadmaps, and risk registers.

Expert with security hardening principles across Linux and Windows, with the ability to implement and audit controls in line with CIS benchmarks.

Experience managing external SOC providers, including defining SLAs, escalation procedures, and performance metrics.

Demonstrated ability to lead and mentor security staff, manage vendor relationships, and communicate security risk to senior stakeholders and non-technical audiences.

Preferred Qualifications:

Experience working in Life Sciences or a Pharmaceutical company and the necessary regulations (GxP).

Expert in cloud architecture, support, containerisation, and automation.

Experience with setting up and maintaining hybrid infrastructure and services.

Other:

In line with the business requirements and SLAs put in place, or during unplanned events, the role holder may be required to work irregular hours or out of hours.

The role may be required to travel internationally on an irregular basis.

Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components or rack equipment.

Immunocore (NASDAQ: IMCR) is a pioneering, commercial-stage T cell receptor biotechnology company whose purpose is to develop and commercialize a new generation of transformative medicines which address unmet patient needs in oncology, infectious diseases and autoimmune disease. Our leaders in R&D are internationally recognised as some of the biotech industry’s most successful drug developers. We are creating not just an environment where great minds can interact but an innovation powerhouse answering the big questions.

Focused on delivering first-in-class biological therapies to patients, we have developed a highly innovative soluble TCR platform. Our ImmTAX molecules underpin a new generation of precision engineered drugs that harness the immune system to treat a broad spectrum of diseases with high unmet medical need, including oncology, infectious diseases and autoimmune diseases.

At Immunocore, we recognize that our employees are our greatest asset. We value the unique contributions each person brings to our team. By embracing Science, Trust, Respect, Integrity, Diversity, and Entrepreneurship (STRIDE), we create an environment where collaboration thrives, ideas flourish, and transformative changes happen. STRIDE represents more than just letters; it embodies our shared identity and drives our mission. We are dedicated to developing breakthrough therapies that transform patients’ lives, advancing medicine, and supporting one another in these pursuits.

Immunocore is proud to be an equal opportunity employer. As such, we are committed to fostering an inclusive workplace where everyone feels valued, respected, and empowered. We encourage applications from individuals of all backgrounds, regardless of race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, or any other characteristic protected by law.