Staff Information Security Engineer

Overview

Adaptive is announcing the integration of clonoSEQ MRD Testing into OncoEMR . At Adaptive, we're Powering the Age of Immune Medicine. Our goal is to harness the power of the adaptive immune system to transform the way diseases are diagnosed and treated.

As an Adapter, you'll have the opportunity to contribute to meaningful work and collaborate with colleagues at the apex of innovation and application.

It's time for your next chapter. Discover your story with Adaptive.

Position Overview

The Staff Information Security Engineer is responsible for driving information security functions related to specific domain(s) of cyber security. This role is accountable for governing information security risk by developing and implementing processes to oversee and manage risk. As part of the Information Security team, this role will collaborate with leaders in Information Technology, Software Development, and other departments to implement and manage Adaptive's information security strategy and policies, and to offer independent advice and recommendations to mature information security and risk management posture.

Key Responsibilities and Essential Functions

• Strategic Leadership & Governance
  • Serve as subject matter expert on information security, guiding cross-functional partners and leading enterprise-wide risk committees and security reviews.
  • Participate in the definition and evolution of Adaptive's cybersecurity strategy, architecture, and GRC roadmap aligned with business priorities.
  • Develop and maintain security reference architecture across cloud, hybrid, and on-prem environments.
• Policy & Compliance Management
  • Drive the development and implementation of security policies and ISMS practices, ensuring alignment with ISO 27001, SOC 2, TX-RAMP, HIPAA, and other regulatory frameworks.
  • Lead internal and external audits and certification efforts.
• Security Architecture & Control Design
  • Collaborate with IT, Privacy, and Engineering to design and implement layered security controls across identity, access, network, endpoint, application, and data environments. Continuously evaluate and integrate emerging technologies to strengthen Adaptive's security architecture.
• Conduct enterprise risk assessments, maintain the risk register, and monitor key indicators to identify and remediate non-compliance.
• Support customer audits, contract negotiations, and third-party risk management.
• Lead the assessment, management and response efforts for incidents, vulnerabilities, and other security events.
• Control Implementation & Optimization
  • Ensure effective deployment and optimization of security tools (e.g., SIEM, EDR, DLP, IAM) to meet GRC requirements and business needs.
  • Lead control testing, continuous monitoring, and third-party penetration testing engagements.
• Reporting & Stakeholder Communication
  • Develop and maintain KPIs, metrics, dashboards and reporting to measure the effectiveness of information security program activities.
  • Translate technical risks into business impact for non-technical stakeholders and support customer audits and inquiries.
• All other duties as assigned.

Position Requirements

• Bachelors + 12 years of related experience, or Masters + 8 years of related experience
• Understanding of Risk Management principles and tools to address high-risk areas.
• Solid knowledge of ISO 27001, NIST and other information security standards, with some experience implementing these standards.
• Good communicator in dynamic environments with solid attention to detail and ability to summarize.
• Ability to multi-task and meet deadlines; proven ability to perform in a fast-moving environment.
• Understanding of information security risk assessment and technology risk management and compliance procedures and methodologies.
• Ability to establish and maintain relationships across all levels of the organization, vendors, and business partners.
• Thorough knowledge of information security and compliance including SOC 2, ISO 27001/2, and HIPAA. Life sciences/healthcare experience, particularly with FDA cybersecurity guidance, is ideal.
• Solid understanding of application security, cloud security, security operations, incident response and infrastructure security.
• Ability to translate technical data into business impact information for non-technical audiences.
• Proven analytical and problem-solving abilities.
• Preferred certifications: internal auditor; certified lead implementor; CISSP, CISM, CISA, or equivalent experience.

Working Conditions

• Administrative work in a home/office environment.
• Regular weekday work hours, with occasional weekend/after-hours planned or unplanned work as needed.

Compensation

Salary Range: $143,200 - $214,800

Other compensation elements: equity grant

Important Notices

Adaptive Biotechnologies is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability. Adaptive may provide accommodations to applicants with disabilities upon request.