Intercept Pharmaceuticals Director, Head of Information Security in New York, New York

Job Descriptions:


Intercept is a rapidly growing global biopharmaceutical company headquartered in New York City with R&D based in San Diego and the International headquarters based in London. Our focus is on bettering the lives of patients through the development and commercialization of novel therapeutics to treat progressive non-viral liver diseases. Intercept’s first product OCALIVA® (obeticholic acid [OCA], a farnesoid X receptor agonist) was approved and launched in the United States in 2016 for the treatment of primary biliary cholangitis (PBC) and was granted conditional approval for the treatment of PBC by the European Commission. PBC is a rare, autoimmune cholestatic liver disease that can put patients at risk for life-threatening complications. OCALIVA® represents the first new treatment option for people living with PBC in nearly twenty years.

We are busy building our future together as beyond PBC, OCALIVA® is being evaluated for potential indications across a variety of additional chronic liver diseases, including nonalcoholic steatohepatitis (NASH), primary sclerosing cholangitis (PSC), and biliary atresia. The FDA has granted OCA breakthrough therapy designation for the treatment of NASH with liver fibrosis.

Nonalcoholic steatohepatitis (NASH) is one of the most common liver diseases (estimated to affect 3-5% of the U.S. adult population) and is expected to be the leading cause for liver transplantation by 2020. Currently there are no approved treatments for NASH. Intercept is in a unique position in NASH as OCA is the first and to-date only product that successfully showed efficacy in two key endpoints in a randomized Ph II study. OCA is currently being evaluated in an international Phase III trial (REGENERATE) for the treatment of NASH that initiated in 2015 and has been fully enrolled for the patients required for the key interim analysis. In addition to REGENERATE there are several other studies that are underway or soon will be to help to build a broader scientific foundation of knowledge for OCA in NASH.


The Head of Information Security, acting in the role of the Chief Information Security Officer (CISO) is one in wanting to make a difference, by bringing together technical capabilities, organizational skills, and the ability to effect stakeholder management across all business lines. The protection and security of Intercept’s information assets lies at the heart of this role. You will be expected to understand how to implement a holistic risk based security program providing business flexibility, and underpinning the holistic activities of the Information systems transformation program.

The Head of Information Security, reporting to the Chief Information Officer, will lead the global Information Security Strategy. Responsible for developing and delivering effective security governance processes that minimize the likelihood of significant security incidents and ensure that, should an incident occur, it is detected and dealt with swiftly and effectively.


To perform this job successfully an individual must be able to perform each essential function satisfactorily.

  • In conjunction with the CIO and peers in Information Technology(IT) and other relevant stakeholders, provide leadership and direct the development and implementation of the Information Security Program for Intercept

  • Identify the universe of IT risk to contribute to the execution of the IT risk management strategy in support of business objectives and in alignment with the enterprise risk management (ERM) strategy

  • Prepares and manages budget for Intercept Cyber Security Program

  • Proposes Security policies, standards, and procedures related to information systems security, including Incident Response

  • Directs all phases of planning and accomplishment of the information systems security functions and activities of the Program

  • Supervises assigned staff and coordinates with other IT Teams

  • Directs the assessment of information systems to ensure that appropriate security functions have been included in the systems design and architecture

  • Establishes, monitors and evaluates the performance of information systems in support of information systems security program accomplishments based on appropriate measures.

  • Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives

  • Manage CSIRT incidents to closure, providing regular reporting to members of the CIO, corporate/legal functions, Executive Team and the Board of Directors as necessary.


  • This position requires a B.A./ B.S. in Computer Science, Computer Engineering, Information Security, Intelligence Analysis or Cyber Security or other relevant field

  • Overall 10+ years of professional experience with 7+ years in Information & Cyber Security

  • Experience in and knowledge of industry frameworks and regulations (NIST, ITIL, ISO, COBIT, SOX, GDPR)

  • CISSP/CISM/CISA or equivalent certification is a plus

  • Advanced skills and established experience in IT security and risk management (understanding risk assessment, legal and regulatory requirements, threats, vulnerabilities, security policies etc.).

  • Deep understanding of infrastructure components, including infrastructure security components (e.g. Network security, Firewalls, IDS, IPS etc.)

  • Deep understanding of security architecture standard methodologies

  • Demonstrated experience with information security tools (SIEM, signature development)

  • Demonstrated experience with networking, system administration, architectures and security elements

  • Experience with protected health information or personally-identifiable information is a plus

Required Experience:

  • Knowledge of current Security standards regulations and frameworks such as HIPPA, ISO/IEC 27001/27002, SOX, NIST, GDPR

  • Demonstrable ability to balance and prioritize security requirements with business objectives and financial constraints

  • Ability to work independently on initiatives with little oversight

  • Strong analytical skills/problem solving/conceptual thinking

  • Effective communication skills

  • Awareness of Cloud Security Solutions

  • Enterprise Incident handling experience

  • Programing and scripting experience

  • Must have Project Management, Share Point and Presentation skills.

  • Experience in leading or coordinating activities across a diverse group of professionals with visibility to senior management

  • Excellent organizational, planning, problem solving and decision-making

  • Strong interpersonal skills, including verbal, written, and listening skills with the ability to influence and lead others

Keyword: Director, Head of Information Security

From: Intercept Pharmaceuticals