At a Glance
- Tasks: Lead the development and implementation of the cybersecurity program, ensuring compliance with GxP and SOX.
- Company: Compass Pathways is preparing for a critical commercial launch and expansion of its data and technology footprint.
- Benefits: Opportunity to work in a hands-on role with a focus on execution and collaboration with IT leadership.
- Other info: Experience with Microsoft 365 security and knowledge of security frameworks like NIST and ISO 27001 is desirable.
- Why this job: Join a pivotal phase in a growing company focused on enhancing its cybersecurity posture.
- Qualifications: Bachelor’s degree in IT or Cybersecurity with 8-10 years of IT experience, including 4+ years in security.
The predicted salary is between £60,000 and £80,000 per year.
Requirements
- Bachelor’s degree in IT, Cybersecurity, or related field
- 8–10 years of IT experience with 4+ years in security
- Hands-on experience across key security domains
- Experience in regulated environments
- Knowledge of security frameworks (NIST, ISO 27001)
- Experience with SOC or MSP providers
- (Desirable) Experience supporting commercialization
- (Desirable) Familiarity with GxP and SOX controls
- (Desirable) Experience securing healthcare or patient data
- (Desirable) Experience with Microsoft 365 security
- (Desirable) Certifications (CISSP, CISM, Security+)
- Execution focus
- Risk-based mindset
- Strong communication
- Cross-functional collaboration
- Attention to detail
What the job involves
Compass Pathways is entering a critical phase as we prepare for commercial launch and expansion of our data and technology footprint. We are seeking a hands-on, execution-focused Senior Manager, IT Information Security to lead the development, implementation, and day-to-day operation of the company’s cybersecurity program. This role is responsible for protecting company systems, data, and users, ensuring compliance with regulatory requirements (including GxP, SOX ITGCs, and data privacy obligations), and strengthening the organization’s security posture as we scale. The role operates with a high degree of ownership while collaborating closely with IT leadership and external partners.
Reports to: VP, Information Technology
Security Program Leadership & Execution:
- Lead implementation and improvement of the cybersecurity program
- Develop security policies, standards, and procedures
- Support transition to a risk-based security model
Threat Detection, Monitoring & Incident Response:
- Oversee monitoring and alerting with SOC partners
- Manage incident response processes and reporting
- Coordinate response and reporting of security events
Vulnerability Management & Security Operations:
- Lead vulnerability management lifecycle
- Partner with IT teams on remediation
- Ensure controls across endpoints, cloud, and applications
- Support identity and access controls
- Establish and manage cybersecurity KPIs and metrics
Compliance, Risk & Data Protection:
- Support SOX ITGC controls and audits
- Ensure protection of sensitive data
- Participate in cybersecurity risk assessments and vendor assessments
Security Awareness & Training:
- Lead awareness programs and phishing simulations
- Promote security culture
Vendor & Stakeholder Management:
- Manage third-party security vendors
- Partner with IT, Legal, and Compliance
- Report on security posture and risks
Senior Manager of IT Information Security employer: Compass Pathways
Compass Pathways is located in a dynamic environment focused on mental health innovation. Employees benefit from a hands-on role in cybersecurity, contributing to the company's mission of improving patient outcomes. The team values cross-functional collaboration and a strong security culture.