• Sr Director, Information Security

    Job ID
    Regular Full-Time
    Fred Hutchinson Cancer Research Center
    Information Technology
  • Overview

    Cures Start Here. At Fred Hutchinson Cancer Research Center, home to three Nobel laureates, interdisciplinary teams of world-renowned scientists seek new and innovative ways to prevent, diagnose and treat cancer, HIV/AIDS and other life-threatening diseases. Fred Hutch’s pioneering work in bone marrow transplantation led to the development of immunotherapy, which harnesses the power of the immune system to treat cancer. An independent, nonprofit research institute based in Seattle, Fred Hutch houses the nation’s first cancer prevention research program, as well as the clinical coordinating center of the Women’s Health Initiative and the international headquarters of the HIV Vaccine Trials Network. Careers Start Here.



    The Senior Director of Information Security oversees the creation, implementation and ongoing evolution of information security strategy and policy for Fred Hutchinson Cancer Research Center. They direct the Information Security Office, comprising governance, assurance, and engineering functions. They also lead on-going center-wide information security risk assessment and status reporting efforts, and is responsible for the ongoing development and administration of security awareness and training programs across the center. They advise and collaborate with both administrative and scientific staff on issues related to information security. In addition, the Senior Director of Information Security is responsible for review and direction of data governance practices as well as information security audits and regulatory compliance.




    • Develop and drive information security strategy and action plans based on center-wide risk assessment and gap analysis
    • Manage and mentor the Information Security Office team members and implement professional development plans for all members of the team
    • Provide guidance and counsel to the CIO, working closely with administrative leadership, and the Fred Hutch scientific community in defining objectives for information security, while building relationships and goodwill
    • Promote collaborative, empowered working environments across campus, removing barriers and creating possibilities
    • Develop, publish, and maintain comprehensive information security and privacy standards, policies, procedures and guidelines and enforce these in compliance with applicable regulations and standards
    • Oversee execution of approved information security projects and internal/external security audits, and provide regular status reporting on progress of such projects
    • Collaborate with central and departmental IT groups to ensure information security risks in both ongoing and planned operations are properly considered and that all compliance matters are being adhered to as required
    • Provide guidance and support as necessary to investigate security breaches and to pursue associated potential disciplinary and legal actions in collaboration with Human Resources and the Office of the General Counsel as appropriate
    • Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the center
    • Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers
    • Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls
    • Build and maintain relationships with peers at partner organizations to create a strong bridge between organizations and bring groups together to share information and resources and create better decisions, policies and practices for the Cancer Consortium
    • Work with Internal Audit and outside consultants as appropriate on required security assessments and audits
    • Conduct regular and ongoing monitoring of and reporting on compliance with information security standards and policies


    12 information security engineers and analysts comprising information security compliance, assurance, and engineering functions.



    • 10-12 of years of progressive experience with information security demonstrating increasing responsibility in management assignments including both staff and operational responsibilities
    • Masters level degree in Information Security, Computer Science, Information Management Systems, or equivalent background.
    • Demonstrated experience in developing and implementing information security programs.
    • Demonstrated experience supporting information security in a research environment.
    • Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., HIPAA, FISMA)
    • Familiarity with Institutional Review Boards
    • Excellent interpersonal skills and professional diplomacy
    • Excellent verbal and written communication skills with all levels of the organization.
    • Industry certification (OSCP or SANS certifications; QSA or ISA; CISSP or CISM) preferred.


    Our Commitment to Diversity

    We are committed to cultivating a workplace in which diverse perspectives and experiences are welcomed and respected. We are proud to be an Equal Opportunity and VEVRAA Employer. We do not discriminate on the basis of race, color, religion, creed, ancestry, national origin, sex, age, disability, marital or veteran status, sexual orientation, gender identity, political ideology, or membership in any other legally protected class. We are an Affirmative Action employer. We encourage individuals with diverse backgrounds to apply and desire priority referrals of protected veterans. If due to a disability you need assistance/and or a reasonable accommodation during the application or recruiting process, please send a request to our Employee Services Center at escmail@fredhutch.org or by calling 206-667-4700.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed