InfoSec Risk and Governance Lead, London

Join to apply for the

InfoSec Risk and Governance Lead, London

role at

myGwork - LGBTQ+ Business CommunityInfoSec Risk and Governance Lead, London

1 week ago Be among the first 25 applicantsJoin to apply for the

InfoSec Risk and Governance Lead, London

role at

myGwork - LGBTQ+ Business CommunityThis job is with Isomorphic Labs, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.

Isomorphic Labs is applying frontier AI to help unlock deeper scientific insights, faster breakthroughs, and life-changing medicines with an ambition to solve all disease.

The future is coming. A future enabled and enriched by the incredible power of machine learning. A future in which diseases are curtailed or cured starting with better and faster drug discovery.

Come and be part of an interdisciplinary team driving groundbreaking innovation and play a meaningful role in contributing towards us achieving our ambitious goals, while being a part of an inspiring and collaborative culture.

The world we want tomorrow is the one we’re building today. It starts with the culture at this company. It starts with you.

About Iso

Isomorphic Labs (IsoLabs) was launched in 2021 to advance human health by building on and beyond the Nobel-winning AlphaFold system. Since then, our interdisciplinary team of drug discovery experts and machine learning specialists has built powerful new predictive and generative AI models that accelerate scientific discovery at digital speed.

Our name comes from the belief that there is an underlying symmetry between biology and information science. By harnessing AI’s powerful capabilities, we can use it to model complex biological phenomena to help design novel molecules, anticipate how drugs will perform and develop innovative medicines to treat and cure some of the world’s most devastating diseases.

We have built a world-leading drug design engine comprising AI models that are capable of working across multiple therapeutic areas and drug modalities. We are continually innovating on model architecture and developing cutting-edge capabilities to advance rational drug design.

Every day, and with each new breakthrough, we’re getting closer to the promise of digital biology, and achieving our ambitious mission to one day solve all disease with the help of AI.

InfoSec Risk and Governance Lead, Lausanne or London

Your impact

As the Information Security Risk and Governance Lead, you will architect and evolve our security governance framework underpinning our scientific breakthroughs. Directly reporting to the CISO, your work will be critical in aligning our data management and security strategy with a complex regulatory landscape; enabling cutting-edge research programmes and reinforcing trust with partners. Your role will be instrumental in fostering a culture of security accountability and risk-informed decision-making, and ultimately in enabling Isomorphic Labs’ mission to solve all disease.

What You Will Do

Architect and operationalise a unified compliance framework spanning Drug Discovery and Development, AI, and Cyber regulatory landscapes.Own the strategic programme to achieve and maintain ISO 27001 certification for our Information Security Management System (ISMS).Author and maintain our security policies and processes, ensuring they are practical and effectively applied within our GxP-regulated and AI-first environment.Lead information security-related risk management and deliver actionable reports to key stakeholders, translating technical risks into business impact.Combine robust technical knowledge and business operations expertise to craft tailored risk mitigation strategies.Partner with Tech, ML, Legal, and Medical Research Teams to implement a comprehensive data governance framework, encompassing labelling, audit trails, and data lifecycle.Oversee internal and external audit programs and drive continuous readiness for regulatory inspections and partner due diligence.Lead engaging awareness and training programmes that foster a strong security culture throughout the organisation.Own Third Party Risk Management, including building an innovative approach to assess and manage risks from our critical AI, cloud, and research partners.Establish and report on Key Performance Indicators (KPIs) to demonstrate the effectiveness of security operations on business outcomes.

Essential

Skills and qualifications

Ability to excel as an individual contributor initially, with the agility to pivot from strategic risk planning to direct, collaborative implementation assistance.Knowledge of security and compliance standards across InfoSec (e.g. ISO 27001, NIST, HITRUST), life sciences (e.g. GxP, 21 CFR), emerging AI regulation (e.g. EU AI Act), and privacy domains (GDPR, HIPAA).Demonstrated experience leading multifaceted certification programs and responding to external audits.Robust knowledge of information technology and cybersecurity, including cloud and ML-based environments.Proven ability to manage the full risk management lifecycle, from technical risk identification and analysis to presenting clear, business-focused mitigation options.Experience managing the security threats posed by a complex third-party ecosystem, including cloud providers, AI vendors, and clinical research organisation partners (CROs).Practical experience with data governance and privacy controls, including data classification, audit trail, de-identification and data lifecycle management.Demonstrated experience in either the life sciences or the AI industry, with a strong grasp of domain-specific risks and regulatory challenges.Open-minded and innovative approach in meeting regulatory requirements, balancing compliance with the efficiency demands of ML-driven drug discovery.A natural ability to build credibility and influence decision-making across scientific, engineering, corporate and leadership functions to drive the security agenda forward.

Nice To Have

Experience building and operating a Trusted Research Environment and/or Trusted ML Environments.Familiarity with AI-specific threats and security controls, such as those addressing model inversion, data poisoning, or adversarial attacks.Relevant certifications (e.g. CISM, CISA, CISSP, ISO 27001 Lead Implementer/Auditor).Experience using modern GRC platforms (e.g. Vanta, Drata) or scripting (e.g. Python) to automate evidence collection and control monitoring.Contribution to open-source security projects or participation in security communities.

Culture and values

We are guided by our shared values. It''s not about finding people who think and act in the same way. These values help to guide our work and will continue to strengthen it.

Thoughtful

Thoughtful at Iso is about curiosity, creativity and care. It is about good people doing good, rigorous and future-making science every single day.

Brave

Brave at Iso is about fearlessness, but it’s also about initiative and integrity. The scale of the challenge demands nothing less.

Determined

Determined at Iso is the way we pursue our goal. It’s a confidence in our hypothesis, as well as the urgency and agility needed to deliver on it. Because disease won’t wait, so neither should we.

Together

Together at Iso is about connection, collaboration across fields and catalytic relationships. It’s knowing that transformation is a group project, and remembering that what we’re doing will have a real impact on real people everywhere.

Creating An Extraordinary Company

We believe that to be successful we need a team with a range of skills and talents. We''re building an environment where collaboration is fundamental, learning is shared and every employee feels supported and able to thrive. We value unique experiences, knowledge, backgrounds, and perspectives, and harness these qualities to create extraordinary impact.

We are committed to equal employment opportunities regardless of sex, race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, gender identity, pregnancy or related condition (including breastfeeding) or any other basis protected by applicable law. If you have a disability or additional need that requires accommodation, please do not hesitate to let us know.

Hybrid working

It’s hugely important for us to share knowledge and build strong relationships with each other, and we find it easier to do this if we spend time together in person. This is why we follow a hybrid model, and

would require you to be able to come into the office 3 days a week

(currently Tuesday, Wednesday, and one other day depending on which team you’re in). If you have additional needs that would prevent you from following this hybrid approach, we’d be happy to talk through these if you’re selected for an initial screening call.

Please note that when you submit an application, your data will be processed in line with our privacy policy.

>> Click to view other open roles at Isomorphic LabsSeniority level

Seniority level Mid-Senior levelEmployment type

Employment type Full-timeJob function

Job function OtherIndustries BiotechnologyReferrals increase your chances of interviewing at myGwork - LGBTQ+ Business Community by 2xSign in to set job alerts for “InfoSec Risk and Governance Lead, London” roles.

London, England, United Kingdom 1 week agoWandsworth, England, United Kingdom 1 month agoLondon, England, United Kingdom 5 days agoTeam Lead (Step 2) - Lewisham Talking Therapies

London, England, United Kingdom 5 days agoLondon, England, United Kingdom 6 days agoPrimary Care Centres Operational Team Lead

London, England, United Kingdom 1 week agoLondon, England, United Kingdom 6 days agoLondon, England, United Kingdom 2 weeks agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 1 week agoThornton Heath, England, United Kingdom 1 day agoLondon, England, United Kingdom 2 weeks agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 2 weeks agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 5 days agoBusiness Development and Communications Lead

London, England, United Kingdom 1 week agoLondon, England, United Kingdom 13 hours agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 1 week agoWorkplace Experience and IFM Transformation Lead

London, England, United Kingdom 1 week agoGreater London, England, United Kingdom 2 days agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 2 days agoLondon, England, United Kingdom 2 days agoCreative Brand Content Manager - Topshop/Topman

London, England, United Kingdom 5 days agoLondon, England, United Kingdom 5 days agoAssistant General Manager : Up to A GBP 60,000

City Of Westminster, England, United Kingdom 3 days agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 3 weeks agoLondon, England, United Kingdom 1 week agoLead Project Manager (Investments products) - £100-120k + 15% bonus

London, England, United Kingdom 2 days agoLondon, England, United Kingdom 5 days agoLondon, England, United Kingdom 1 day agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr