Ardelyx
Ardelyx is a publicly traded commercial biopharmaceutical company founded with a mission to discover, develop and commercialize innovative first-in-class medicines that meet significant unmet medical needs. Ardelyx has two commercial products approved in the United States, IBSRELA® (tenapanor) and XPHOZAH® (tenapanor). Ardelyx has agreements for the development and commercialization of tenapanor outside of the U.S. Kyowa Kirin commercializes PHOZEVEL® (tenapanor) for hyperphosphatemia in Japan. A New Drug Application for tenapanor for hyperphosphatemia has been approved in China with Fosun Pharma. Knight Therapeutics commercializes IBSRELA in Canada.
Position Summary The Director, Cyber Security Operations is the senior leader responsible for developing, implementing, and operating Ardelyx's global cybersecurity program. This role provides strategic direction, builds and leads a high-performing security organization, and ensures the confidentiality, integrity, and availability of corporate systems, data, and cloud environments.
The ideal candidate is a seasoned cybersecurity leader who combines deep technical expertise with strong strategic vision, operational rigor, and the ability to communicate effectively with executives, auditors, engineers, and cross-functional partners. This leader will own and execute a scalable security roadmap that aligns with Ardelyx's business objectives, regulatory requirements, and evolving threat landscape while continuously improving the organization's overall risk posture.
Responsibilities
Own and execute the enterprise cybersecurity strategy, roadmap, and operating model aligned with business and technology objectives
Build, lead, and mature a high-performing security organization spanning engineering, operations, governance, and risk management
Serve as the primary advisor to executive leadership on cybersecurity risk, threat exposure, and security investments, enabling informed, risk-based decision-making
Establish, enforce, and continuously improve security policies, standards, and controls while driving a strong culture of security awareness across the organization
Oversee enterprise threat detection, monitoring, and incident response capabilities across on-prem, cloud, and SaaS environments
Lead incident response preparedness and execution, including tabletop exercises and real-time coordination with Legal, HR, Compliance, and Communications during security events
Own the security architecture and tooling strategy, including endpoint, cloud, identity, SaaS, network, and web security platforms
Drive security automation and orchestration (SOAR) to improve response consistency and reduce MTTD/MTTR
Apply defense-in-depth principles enterprise-wide, proactively identifying control gaps and implementing remediation or compensating controls
Lead security platform consolidation and vendor management to standardize controls, reduce tool sprawl, and lower total cost of ownership, while ensuring compliance and audit readiness
Qualifications
Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field with 9 – 12 years of progressive cybersecurity experience or equivalent experience
5+ years in a senior leadership role, with responsibility for enterprise security strategy, operations, and risk management.
Industry-recognized cybersecurity certifications preferred, such as: CISM, CISSP, CRISC, CCSP
Proven hands-on and leadership experience across core security domains, including identity and access management (IAM, MFA, SSO), cloud security (Azure/AWS), endpoint protection (EDR/XDR), network security, incident response, and threat management
Demonstrated experience leading enterprise security programs, including SIEM, vulnerability management, security automation, compliance frameworks (ISO 27001, SOC 2, NIST, HIPAA, GDPR), vendor management, audits, and contract negotiations; familiarity with DevOps, CI/CD, and infrastructure-as-code is a plus
Strong executive communication skills with the ability to translate technical risk into business impact
Recognized as a trusted security leader and mentor across IT and cross-functional teams
Proven ability to influence standards, patterns, and best practices at an enterprise level
Location Waltham, Massachusetts
The anticipated annualized base pay range for this full-time position is $221,000 - $270,000. Ardelyx utilizes industry data to ensure that our compensation is competitive and aligned with our industry peers. Actual base pay will be determined based on a variety of factors, including years of relevant experience, training, qualifications, and internal equity. The compensation package may also include an annual bonus target and equity awards, subject to eligibility and other requirements.
Ardelyx also offers a robust benefits package to employees, including a 401(k) plan with generous employer match, 12 weeks of paid parental leave, up to 12 weeks of living organ and bone marrow leave, equity incentive plans, health plans (medical, prescription drug, dental, and vision), life insurance and disability, flexible time off, annual Winter Holiday shut down, and at least 11 paid holidays.
Ardelyx is an equal opportunity employer.
#J-18808-Ljbffr
Position Summary The Director, Cyber Security Operations is the senior leader responsible for developing, implementing, and operating Ardelyx's global cybersecurity program. This role provides strategic direction, builds and leads a high-performing security organization, and ensures the confidentiality, integrity, and availability of corporate systems, data, and cloud environments.
The ideal candidate is a seasoned cybersecurity leader who combines deep technical expertise with strong strategic vision, operational rigor, and the ability to communicate effectively with executives, auditors, engineers, and cross-functional partners. This leader will own and execute a scalable security roadmap that aligns with Ardelyx's business objectives, regulatory requirements, and evolving threat landscape while continuously improving the organization's overall risk posture.
Responsibilities
Own and execute the enterprise cybersecurity strategy, roadmap, and operating model aligned with business and technology objectives
Build, lead, and mature a high-performing security organization spanning engineering, operations, governance, and risk management
Serve as the primary advisor to executive leadership on cybersecurity risk, threat exposure, and security investments, enabling informed, risk-based decision-making
Establish, enforce, and continuously improve security policies, standards, and controls while driving a strong culture of security awareness across the organization
Oversee enterprise threat detection, monitoring, and incident response capabilities across on-prem, cloud, and SaaS environments
Lead incident response preparedness and execution, including tabletop exercises and real-time coordination with Legal, HR, Compliance, and Communications during security events
Own the security architecture and tooling strategy, including endpoint, cloud, identity, SaaS, network, and web security platforms
Drive security automation and orchestration (SOAR) to improve response consistency and reduce MTTD/MTTR
Apply defense-in-depth principles enterprise-wide, proactively identifying control gaps and implementing remediation or compensating controls
Lead security platform consolidation and vendor management to standardize controls, reduce tool sprawl, and lower total cost of ownership, while ensuring compliance and audit readiness
Qualifications
Bachelor’s degree in Information Security, Computer Science, Information Technology, or related field with 9 – 12 years of progressive cybersecurity experience or equivalent experience
5+ years in a senior leadership role, with responsibility for enterprise security strategy, operations, and risk management.
Industry-recognized cybersecurity certifications preferred, such as: CISM, CISSP, CRISC, CCSP
Proven hands-on and leadership experience across core security domains, including identity and access management (IAM, MFA, SSO), cloud security (Azure/AWS), endpoint protection (EDR/XDR), network security, incident response, and threat management
Demonstrated experience leading enterprise security programs, including SIEM, vulnerability management, security automation, compliance frameworks (ISO 27001, SOC 2, NIST, HIPAA, GDPR), vendor management, audits, and contract negotiations; familiarity with DevOps, CI/CD, and infrastructure-as-code is a plus
Strong executive communication skills with the ability to translate technical risk into business impact
Recognized as a trusted security leader and mentor across IT and cross-functional teams
Proven ability to influence standards, patterns, and best practices at an enterprise level
Location Waltham, Massachusetts
The anticipated annualized base pay range for this full-time position is $221,000 - $270,000. Ardelyx utilizes industry data to ensure that our compensation is competitive and aligned with our industry peers. Actual base pay will be determined based on a variety of factors, including years of relevant experience, training, qualifications, and internal equity. The compensation package may also include an annual bonus target and equity awards, subject to eligibility and other requirements.
Ardelyx also offers a robust benefits package to employees, including a 401(k) plan with generous employer match, 12 weeks of paid parental leave, up to 12 weeks of living organ and bone marrow leave, equity incentive plans, health plans (medical, prescription drug, dental, and vision), life insurance and disability, flexible time off, annual Winter Holiday shut down, and at least 11 paid holidays.
Ardelyx is an equal opportunity employer.
#J-18808-Ljbffr