Description
Supernus Pharmaceuticals is an award-winning biopharmaceutical company with more than 30 years of experience in developing and commercializing products that treat central nervous system (CNS) diseases. At Supernus, we develop innovative products that help treat neurological and psychiatric conditions. We currently have 8 products in the market that are making a real impact on patient outcomes.
Job Summary:
The Senior IT Security Engineer is a seasoned security leader responsible for architecting, operating, and continuously maturing enterprise security controls to protect Supernus systems, data, and users. This role will be responsible for the security engineering and operations to drive strategy and direct execution across vulnerability management, endpoint and cloud security, security monitoring, and incident response. The engineer will serve as a subject matter expert and escalation point for complex security issues, lead investigations, and guide remediation while ensuring security technologies and processes are optimized and aligned with business priorities. This position also plays a key role in shaping security architecture, influencing technical direction, and advancing security awareness, policies, standards, and procedures across the organization.
Essential Duties & Responsibilities:
- Lead the operation, tuning, and integration of security platforms, including CrowdStrike, Zscaler, Microsoft Defender, Microsoft Endpoint Manager, Tenable, Office 365, Azure AD, and logging solutions to maintain enterprise-wide situational awareness.
- Own the triage and investigation lifecycle for security alerts from the external Security Operations Center (SOC), driving determination of false positives versus true incidents.
- Coordinate and, when necessary, lead incident response efforts for events affecting confidentiality, integrity, or availability, escalating to IT Leadership with articulated impact, risk, and recommended remediation.
- Lead the development, review, and maintenance of IT security policies, standards, procedures, and technical control documentation, aligning them with industry best practices and regulatory requirements.
- Oversee vulnerability management activities, including analysis, prioritization, and tracking of remediation efforts across endpoints, servers, applications, and cloud workloads, and partner with infrastructure and application teams to ensure timely closure.
- Direct the analysis of reported suspicious emails, ensure accurate classification, support metrics and reporting, and communicate findings and preventive guidance to users to reduce future risk.
- Drive the use of the Supernus KnowBe4 platform to plan and deploy ongoing security and privacy training, phishing simulations, and awareness campaigns, and provide feedback on program effectiveness.
- Establish and maintain secure configurations and patching standards for systems and applications, ensuring that critical security updates are rapidly evaluated, tested, and deployed.
- Monitor cybersecurity intelligence feeds, news, and threat actor tactics, techniques, and procedures (TTPs), translating threat information into concrete recommendations for Supernus.
- Synthesize and communicate the impact of security bulletins and publicly disclosed vulnerabilities, advising leadership and technical teams on risk and actionable mitigations.
- Partner with extended IT teams to embed security by design into new systems, cloud initiatives, and modernization of legacy platforms, providing expert guidance on secure architectures and patterns.
- Lead or support technical post-incident reviews, root cause analysis, and lessons learned, ensuring corrective actions are identified, tracked, and implemented.
- Champion and enforce security policies, procedures, and least-privilege access control standards across IT and business units, contributing to audit and compliance activities as needed.
- Evaluate and recommend emerging security technologies, services, and standards, building business cases where appropriate and helping plan roadmaps for security capability enhancements.
- Collaborate with cross-functional teams (infrastructure, application development, data, compliance, and business stakeholders) to design and deliver security solutions that enable business outcomes while managing risk.
- Mentor, coach, and provide technical direction to other IT staff, fostering a culture of continuous improvement and knowledge sharing.
- Other responsibilities and projects assigned.
Supervisory Responsibilities:
Knowledge & Other Qualifications:
- Bachelor's degree in cyber/IT Security, Computer Science, Computer Engineering, or related field required.
- 12+ years of progressive experience in IT security and system administration, including considerable experience in enterprise security engineering and operations.
- Microsoft Security, Certified Information Systems Security Professional, or similar certifications highly preferred.
- Proven history implementing, managing, and optimizing security software systems, applications, and related products in complex environments.
- Deep knowledge of system and software management best practices, with demonstrated ability to troubleshoot and resolve complex security and infrastructure issues.
- Strong understanding of Security Operations Center processes, including monitoring, incident handling, and escalation.
- Demonstrated knowledge of data privacy and protection practices and relevant regulatory expectations.
- Advanced working knowledge of multiple security technologies, including SIEM, intrusion detection/prevention, endpoint protection, web proxy/content filtering, Active Directory, PKI, RADIUS, and log analysis.
Other Characteristics:
- Ability to work independently and as part of a team and maintain high ethical standards of integrity and quality.
- Ability to have an innovative and dynamic approach to work.
- A self-starter able to work independently but comfortable working in a team environment.
- Ability to consistently exhibit Supernus Values in interactions with employees at all levels of the organization, vendors, customers and others.
- Capable of performing other duties as assigned by Management.
- Authorized to legally work in the United States without visa sponsorship.
Physical Requirements/Work Environment/Travel Requirements:
- Lifting Requirements: Exerting up to 35 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or a negligible amount of force regularly to move objects.
- The worker is required to have close visual acuity to perform an activity such as preparing and analyzing data and figures; transcribing; viewing a computer terminal; and extensive reading.
- The worker is not substantially exposed to adverse environmental conditions.
- Travel to Supernus HQ as needed for meetings, projects, and other business activities.
Compensation:
At Supernus, we offer a competitive compensation package that reflects your experiences and contributions. The expected salary range for fully qualified candidates applying for this role is $160,000 to $190,000. This range is what the Company reasonably expects to offer for the position and is not reflective of the full compensation scale of the role. This range may be modified in the future. An individual's salary within the range is based on multiple factors, which may include and are not limited to education, relevant experience, knowledge, length of industry experience and organizational needs. You also will be able to participate in a competitive benefits package, including but not limited to: health, dental, vision, paid time off, 401k company match, company paid life insurance and health and wellness benefits. The total compensation package for this position also includes other compensation elements such as stock equity awards, employee stock purchase programs and participation in our Company's discretionary annual bonus program.
Supernus Pharmaceuticals is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability, protected veteran status, age or any other characteristic protected by law.
Equal Opportunity Employer:
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.