Job Specifications
Sr. Manager, IT Security, Compliance & Infrastructure
Location: Onsite in Palo Alto, CA or Princeton, NJ
About Summit
Ivonescimab, known as SMT112, is a novel, potential first-in-class investigational bispecific antibody combining the effects of immunotherapy via a blockade of PD-1 with the anti-angiogenesis effects associated with blocking VEGF into a single molecule. Ivonescimab displays unique cooperative binding to each of its intended targets with multifold higher affinity when in the presence of both PD-1 and VEGF.
Summit has begun its clinical development of ivonescimab in non-small cell lung cancer (NSCLC), with three active Phase III trials:
HARMONi is a Phase III clinical trial which intends to evaluate ivonescimab combined with chemotherapy compared to placebo plus chemotherapy in patients with EGFR-mutated, locally advanced or metastatic non-squamous NSCLC who have progressed after treatment with a 3rd generation EGFR TKI (e.g., osimertinib).
HARMONi-3 is a Phase III clinical trial which is designed to evaluate ivonescimab combined with chemotherapy compared to pembrolizumab combined with chemotherapy in patients with first-line metastatic NSCLC.
HARMONi-7 is a Phase III clinical trial which is intended to evaluate ivonescimab monotherapy compared to pembrolizumab monotherapy in patients with first-line metastatic NSCLC whose tumors have high PD-L1 expression.
Ivonescimab is an investigational therapy that is not approved by any regulatory authority in Summit's license territories, including the United States and Europe. Ivonescimab was approved for marketing authorization in China in May 2024. Ivonescimab was granted Fast Track designation by the US Food & Drug Administration (FDA) for the HARMONi clinical trial setting.
Overview Of Role
As the Senior Manager, Security, Compliance & Infrastructure, the candidate will be responsible for establishing and leading the Information Technology security program while also supporting core infrastructure operations. This includes designing, implementing, and managing security policies, processes, and controls in alignment with GxP and regulatory requirements, as well as ensuring the stability, scalability, and efficiency of our Microsoft cloud-based infrastructure. The ideal candidate will bring proven expertise in security along with hands-on experience in GxP processes and validated systems.
Role And Responsibilities
Establish and lead the Information Technology security program in alignment with the NIST Cybersecurity Framework (CSF).
Collaborate with technical and non-technical partners to ensure policies, procedures., work instructions, and practices are compliant with various regulatory authorities including but not limited to SOX, FDA pharmaceutical Industry validation (GXP) and 21 CFR Part11, HIPAA, EU data privacy (GDPR), NIST Cyber Security Framework (CSF), etc.
Scale and optimize Microsoft security tools (Defender, Purview, Sentinel, Intune, Entra ID, etc.) for threat protection, identity management, and data governance.
Lead data privacy and protection initiatives, ensuring proper controls for sensitive clinical, R&D, and regulated data.
Develop and enforce policies for responsible AI use within the organization, ensuring compliance, data security, and ethical application of AI technologies.
Conduct and lead risk assessments, vulnerability management, and incident response programs.
Ensure readiness for internal and external audits, including FDA/EMA inspection support for GxP-regulated systems.
Lead and advise on system validation practices for all GXP systems
Manage the Change control Board (CCB) and all related lifecycle changes to systems to ensure effective controls and compliance
Drive security awareness, training, and culture across the organization.
Maintain and pursue relevant security certifications (NIST-focused, CISSP, CISM, CISA, Microsoft security certifications) to enhance organizational credibility and maturity.
Support and enhance the Microsoft cloud environment (Azure, Microsoft 365, Intune, Teams, SharePoint).
Partner with the infrastructure team to manage identity, networking, collaboration platforms, and endpoint operations.
Ensure patching, upgrades, and operational stability across cloud services and SaaS applications.
Collaborate on projects that improve scalability, performance, and resilience of IT systems.
Contribute to vendor evaluation, license management, and technology optimization.
All other duties as assigned.
Experience, Education And Specialized Knowledge And Skills
Bachelors degree in Computer Science, MIS, Software Engineering or similar strongly preferred
Minimum of 8+ years of IT experience, with at least 2 years in security leadership roles.
A "hands-on" self-starter with managerial/ leadership experience and a demonstrated ability interact with technical and non-technical staff, various levels of management, and external parties, to accomplish goals and objectives
Proven experience in the p
About the Company
Summit Mission Statement: To build a viable, long-lasting health care organization that assumes full responsibility for designing, developing, trial execution and enrollment, regulatory submission and approval, as well as successful commercialization of patient, physician, caregiver, and societal-friendly medicinal therapy intended to: improve quality of life, increase potential duration of life, and resolve serious medical healthcare needs. To identify and control promising product candidates based on exceptional scientific...
Know more