ngmbio logo

Manager, Enterprise Security and Applications

South San Francisco IT - IT Full Time
NGM Biopharmaceuticals, Inc. is a clinical stage biotech company dedicated to discovering and developing the next generation of medicines for the treatment of serious diseases.  Our experienced scientific team has joined forces with an impressive group of industry professionals, Nobel Laureates and other distinguished researchers to form a company where innovation and cutting-edge science has provided the foundation for a robust drug discovery engine.  To date, NGM Bio has generated a pipeline of six drug candidates in various stages of development targeting liver, metabolic, ophthalmic, and oncologic diseases. The most advanced drug candidate, NGM282, is in Phase 2b clinical studies in non-alcoholic steatohepatitis (NASH).  NGM’s strategic collaboration with Merck, which was extended to March 2022, will continue to provide us with the resources and flexibility to pursue our ambitious R&D goals and further extend our pipeline of novel drug candidates. 

Reporting to the IT Director, the Manager of Enterprise Security and Applications will be responsible for design, implementation and the day to day operations of corporate infrastructure while also providing strategy, technology guidance and support to the Clinical, Financial, Medical, Product Development, Quality Assurance and the Regulatory Affairs departments.
This position will oversee network infrastructure, standard operation procedures, network security, corporate data and applications in the cloud, on company premises, management security controls (NIST, CIS), document management, SOX/GXP controls and initiatives as well as staff training. 
The Enterprise Security and Applications Manager will partner with business owners and the IT team to align IT efforts with business requirements and develop a technology roadmap to support strategic business capabilities. 
This is a hands-on role that will involve close collaboration with and provide active support for departmental leaders throughout the organization.
  • Develop and maintain the corporate network and data infrastructure in a prudent manner according to SOPs, SLA, SOX and GXP requirements.
  • Incorporate risk-based “security by design” approach into all stages of SDLC, IT operations and project management.
  • Align IT strategic efforts, Lead teams in the development and implementation of new applications and systems, ensuring on-time, on-budget completion; set stakeholder expectations and develop project deliverables.
  • Develop and implement prudent management practices of security controls, system monitoring and reporting for all new and existing systems.  
  • Serves as the primary contact for SAAS and On-Premises corporate applications, as well as be the point person for applications training and service and support.
  • Assist with IT CSV functions; ensure compliance with applicable regulations (e.g., SOX and Title 21 CFR Part 11) and develop and maintain appropriate SOPs and related documentation.
  • Proactively initiate process and system improvements in accordance with existing SOPs requirements.
  • Comply with corporate policies and procedures and with US healthcare laws and regulations.
  • Participate in the day to day HelpDesk support operations.
  • Implementation of Access Rights Management system
  • Deployment and management of Security Information and Event Management system (SIEM)
  • Management of corporate intrusion detection and prevention systems.
  • Management and monitoring of corporate firewalls, antivirus, anti-spyware platforms, email security and user email phishing protection systems.
  • Configuration and security monitoring of SSO, MFA and client data encryption systems.
  • Configuration and management of the Mobile Device Management platform.
  • Perform penetration testing on our internal and external applications.
  • Perform proactive research to detect new attack vectors.
  • Perform security assessments of current and potential software vendors.
  • Bachelor’s degree, computer science or similar discipline;
  • 8+ years of progressive IT experience in biotech/pharmaceutical or medical
  • device industries.
  • Strong technical knowledge and practical experience in defining, implementing and managing business and technical solutions.
  • Experience managing GxP systems and assuring compliance.
  • Experience with one or more of the following core technology areas:  GxP document management (EDMS), corporate document management, LIMS/ELN, enterprise quality management (QMS).
  • Ability to analyze and define business requirements and translate into technical solutions.
  • Experience working with a variety of data and reporting tools.
  • Previous management and operational experience in leading teams with a proven ability to align IT initiatives with business goals.
  • Proven success managing IT growth in a fast-paced environment.
  • Demonstrated ability to successfully lead high-profile, complex projects and implement with minimal disruption to end users.
  • Excellent communication skills.
  • Ability to communicate complex technology concepts to executive management and the user community.
  • Proven adaptability to shifting project schedules, priorities and assignments; able to make effective decisions under pressure.
  • Operates with the highest level of integrity and is a trusted partner to the organization.
  • Hands-on experience with the following system types/platforms preferred: ADP or an HRIS, CTMS, eTMF, SAS, Data warehouse, BI, Safety, QMS, CRM, BD tools, EDMS and CLM.
  • Hands-on experience with Microsoft and Linux servers and corresponding OS, Active Directory, SQL Databases and scripting languages (Python, Perl, Shell and PowerShell).
  • Knowledge of HPC in Hybrid Cloud environment (Google or AWS), SAAS and Managed Hosting Infrastructure.
  • Working knowledge with CFR 21 Part 11, GxP Validated Systems, and Sarbanes-Oxley Regulations.
  • Experience in SOX compliant environments and a basic understanding of segregation of duties.
  • Fit with NGM culture and values.

  • NGM offers a creative, collaborative, highly challenging scientific environment, along with a strong compensation package that includes salary, stock options, 401(k) and a comprehensive benefits package.

    Interested applicants should apply through the NGM Biopharmaceuticals website: