Executive Director, Cybersecurity & Risk Management

At Insmed, every moment and every patient counts - and so does every person who joins in. As a global biopharmaceutical company dedicated to transforming the lives of patients with serious and rare diseases, you'll be part of a community that prioritizes the human experience, celebrates curiosity, and values every person's contributions to meaningful progress. That commitment has earned us recognition as Science magazine's No. 1 Top Employer for five consecutive years, certification as a Great Place to Work® in the U.S., and a place on The Sunday Times Best Places to Work list in the UK.

For patients, for each other, and for the future of science, we're in. Are you?

About the Role:
We are seeking an experienced leader to oversee cybersecurity operations, enterprise risk management, and Computer Systems Validation (CSV) program. This role will manage cross-functional teams and ensure compliance with regulatory requirements while maintaining operational excellence.

The Executive Director, Cybersecurity & Risk Management plays a critical leadership role in safeguarding that mission. Reporting directly to the Chief Information Officer, this individual is responsible for defining and executing Insmed's enterprise cybersecurity and risk strategy.

This role requires a strategic, hands-on leader who can think globally, act decisively, and remain technically engaged in building and protecting secure digital environments. The ideal candidate combines deep technical expertise with a proven ability to communicate complex risks in business terms, fostering trust and resilience across the organization.

What You'll Do:

Strategic Leadership

• Define, communicate, and execute Insmed's cybersecurity and risk management vision , ensuring alignment with the company's values, business priorities, and regulatory commitments.

• Present cybersecurity posture, emerging threats, and key initiatives to the CIO, IT Leadership Team, and, as needed, the Executive Committee and Board of Directors.

• Establish and maintain governance frameworks and control structures consistent with NIST and FDA data protection standards.

• Partner with Legal, Compliance, Clinical Operations, Quality and R&D to proactively manage risk across Insmed's technology landscape and protect sensitive patient and research data.

• Demonstrated experience leading a Computer Systems Validation team in a regulated (pharmaceutical, biotech, or healthcare) environment is a plus .

• Foster a culture of security accountability and awareness , ensuring every employee understands their role in protecting Insmed's mission and assets.

Hands-On Technical Leadership

• Lead and participate directly in cybersecurity operations , including incident response, threat detection, vulnerability management, and risk remediation.

• Architect and operationalize security solutions across cloud, data, and endpoint environments, leveraging zero-trust principles .

• Serve as a senior escalation point for major incidents, directing containment, recovery, and post-event reviews with a focus on continuous improvement.

• Guide the adoption of AI-driven threat analytics, secure DevOps practices, and automated response frameworks to strengthen Insmed's security posture.

• Oversee penetration testing, red teaming, and risk assessments , ensuring timely follow-up and actionable outcomes.

• Stay actively engaged with emerging technologies and regulatory developments impacting healthcare cybersecurity.

• Deep understanding of GxP requirements, FDA 21 CFR Part 11, EU GMP Annex 11, and GAMP 5 guidelines a plus .

• Experience collaborating with Quality, IT, and business stakeholders to ensure systems are validated and remain in a compliant state throughout their lifecycle a plus .

• Familiarity with validation of documentation, audit readiness, and continuous improvement of CSV processes.

Risk Management:

• Define and implement risk management policies and frameworks aligned with organizational objectives

• Conduct enterprise-level risk assessments and develop mitigation strategies

CSV Program Oversight:

• Oversee the CSV team, validation strategy and continuous process improvement

• Ensure compliance with GxP regulations and industry standards

• Familiarity with validation of documentation, audit readiness, and continuous improvement of CSV processes a plus .

Team & Organizational Leadership

• Build, mentor, and inspire a high-performing cybersecurity organization , promoting continuous learning and professional growth.

• Lead through influence and collaboration, working closely with peers across IT, R&D, Quality, and Business Operations to embed security into all technology initiatives.

• Manage key vendor and service-provider partnerships , ensuring effective performance and alignment with Insmed's security objectives .

• Drive operational excellence by balancing strategic priorities with hands-on execution and measurable results.

Who You Are:

Who You Are:

You have a Bachelor's Degree along with 15+ years' of progressive IT and cybersecurity experience, with a minimum of 10+ years as a leader managing enterprise level programs in the pharma or biotech industry.

You are or you also have:

• Demonstrated hands-on experience in cybersecurity operations, engineering, or architecture.
• Proven success communicating with and presenting to Executive Management and Boards of Directors .
• Strong understanding of risk management, compliance, and audit processes within regulated industries, ideally biotechnology or pharmaceuticals.
• Professional certifications such as CISSP, CISM, GIAC Security Leadership, CCSP
• Mission-driven mindset -understands that protecting systems and data ultimately protects patients.
• Strong executive presence and communication skills , capable of articulating complex cybersecurity risks to non-technical audiences.
• Deep technical proficiency across cybersecurity frameworks, cloud security, and identity management.
• Skilled in budget planning, vendor management, and strategic program delivery .
• Proven track record of driving change, innovation, and process excellence in fast-paced, regulated environments.
• Collaborative, influential, and empathetic leader who thrives in cross-functional partnerships.
• Continuous learner , passionate about staying ahead of emerging threats, technologies, and industry standards.

Nice to have (but not required):

OSCP or other technical certifications a plus

Where You'll Work

This is a hybrid role based out of our Bridgewater, NJ HQ office. You'll have the option to work remotely most of the time, with in-person collaboration when it matters most.

#LI-JTI

#LI-Hybrid

Pay Range:
$255,000.00-347,500.00 Annual

Life at Insmed

At Insmed, you'll find a culture as human as our mission-intentionally designed for the people behind it. You deserve a workplace that reflects the same care you bring to your work each day, with support for how you work, how you grow, and how you show up for patients, your team, and yourself.

Highlights of our U.S. offerings include:

• Comprehensive medical, dental, and vision coverage and mental health support, annual wellbeing reimbursement, and access to our Employee Assistance Program (EAP)
• Generous paid time off policies, fertility and family-forming benefits, caregiver support, and flexible work schedules with purposeful in-person collaboration
• 401(k) plan with a competitive company match, annual equity awards, and participation in our Employee Stock Purchase Plan (ESPP), and company-paid life and disability insurance
• Company Learning Institute providing access to LinkedIn Learning, skill building workshops, leadership programs, mentorship connections, and networking opportunities
• Employee resource groups, service and recognition programs, and meaningful opportunities to connect, volunteer, and give back

Eligibility for specific programs may vary and is subject to the terms and conditions of each plan.

Current Insmed Employees: Please apply via the Jobs Hub in Workday.

Insmed Incorporated is an Equal Opportunity employer. We do not discriminate in hiring on the basis of physical or mental disability, protected veteran status, or any other characteristic protected by federal, state, or local law. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Unsolicited resumes from agencies should not be forwarded to Insmed. Insmed will not be responsible for any fees arising from the use of resumes through this source. Insmed will only pay a fee to agencies if a formal agreement between Insmed and the agency has been established. The Human Resources department is responsible for all recruitment activities; please contact us directly to be considered for a formal agreement.

Insmed is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, please contact us by email at [email protected] and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.

Applications are accepted for 5 calendar days from the date posted or until the position is filled.