Associate Director, Cyber Security in Oxford

Location of role: Gaithersburg, MD, Radnor, PA, Oxford, UK

Department: Information Technology

Key Responsibilities

• Lead and manage Immunocore’s cyber security strategy and day-to-day cyber security operations.
• Leverage Cisco security suite to develop and implement comprehensive security layers, policies, procedures, and protocols aimed at protecting digital assets and employees from modern cyber threats.
• Interpret internal and external business challenges, recommend best practices, and identify new solutions to improve products and processes.
• Design and implement comprehensive, layered security architecture across on-premises, Azure, and AWS environments.
• Monitor external cyber security, regulatory, and technology developments to identify risks, opportunities, and improvement priorities for the business.
• Own the SIEM platform, including use case development, alert tuning, log source onboarding, and ensuring coverage across cloud and on-premises environments.
• Develop and maintain SOAR playbooks to automate detection and response workflows.
• Integrate threat intelligence feeds and use them to proactively tune detection logic and inform risk decisions.
• Conduct and manage vulnerability assessments and penetration testing programmes.
• Assist in design and architecture of Global IT infrastructure and Cyber Security solutions.
• Continuously optimise infrastructure to enhance security while adhering to industry standards and compliance requirements.
• Drive continual improvement of cyber governance, assurance, and control effectiveness across the organisation.
• Deploy and maintain complex backend security infrastructure and products across various environments.
• Oversee Linux and Windows infrastructure security hardening, aligned to CIS benchmarks and internal standards.
• Investigate and resolve complex cyber alerts, technical issues, and incidents related to the environment.
• Participate in on-call rotations as required providing timely response to critical incidents.
• Manage Immunocore’s relationship with the external SOC provider, defining SLAs, escalation paths, and reporting cadence.
• Own and maintain Immunocore’s cyber security strategy, roadmap, and policies.
• Design and deliver a security awareness programme that engages employees at all levels.
• Act as a trusted advisor to the business on security matters.
• Lead functional teams or projects, serving as a best practices resource, and providing guidance, coaching, and mentorship.

Supervisory Responsibility

• Supervise external Cisco SOC and provide guidance/mentorship to engineers within the IT team.
• Support and manage one Cyber Security Engineer.

Education, Experience and Knowledge

Essential Qualifications

• Bachelor’s degree in Cyber Security, Information Security, Computer Science, or a related field with a minimum of 4 years in a senior cyber security role.
• Hold a current recognised security certification such as CISSP, CISM, CISA, or CCNP Security.
• Proven experience owning and operating SIEM, SOAR, EDR, and vulnerability management platforms.
• Strong knowledge of security frameworks and regulatory compliance.
• Expert with security hardening principles across Linux and Windows.
• Experience managing external SOC providers.
• Demonstrated ability to lead and mentor security staff.

Preferred Qualifications

• Experience working in Life Sciences or a Pharmaceutical company.
• Expert in cloud architecture, support, containerisation, and automation.
• Experience with setting up and maintaining hybrid infrastructure and services.

Other

• The role holder may be required to work irregular hours or out of hours.
• The role may be required to travel internationally on an irregular basis.
• Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components or rack equipment.

Equal Opportunity Employer

Immunocore is proud to be an equal opportunity employer. We are committed to fostering an inclusive workplace where everyone feels valued, respected, and empowered.