Cybersecurity and Cloud Infrastructure Engineer (NJ)

Title:     

Cybersecurity and Cloud Infrastructure Engineer

 

Location:

The position will be based in Princeton, N.J. (currently hybrid) with occasional travel to CHDI’s other offices.

 

Reports To:  

Director, Information Technology

 

Salary Range: 

$120,000 – $180,000.  Exact compensation will vary based on experience

 

Other: 

Vaccination against COVID-19 is a prerequisite for employment at CHDI Management

 

About CHDI Foundation, Inc.

CHDI Foundation, Inc. is a privately funded nonprofit biomedical research organization exclusively dedicated to collaboratively developing therapeutics that will substantially improve the lives of those affected by Huntington’s disease (HD). Our scientists work closely with a network of more than 700 researchers in academic and industrial laboratories around the world in the pursuit of these novel therapies, providing strategic scientific direction to ensure that our common goals remain in focus. This helps bridge the translational gap that often exists between academic and industrial research pursuits and that adds costly delays to therapy development. In its role as a collaborative enabler, CHDI seeks to bring the right partners together to identify and address critical scientific issues and move drug candidates to clinical evaluation as rapidly as possible. Our activities extend from exploratory biology to the identification and validation of therapeutic targets, and from drug discovery and development to clinical studies and trials. More information about CHDI can be found at www.chdifoundation.org.

 

Job Description:

CHDI Management is seeking an experienced and proactive Cybersecurity and Cloud Infrastructure Engineer to manage and protect the organization’s data assets, cloud infrastructure, and technology systems. This individual will serve as the internal subject matter expert on cybersecurity, responsible for identifying and remediating vulnerabilities, governing identity and access across cloud platforms, and ensuring that CHDI’s security posture keeps pace with an evolving threat landscape.

This role carries both operational and strategic responsibilities. Day-to-day, the individual will monitor and respond to security events, manage vulnerability and penetration testing programs, and administer cloud security controls across platforms including AWS, Microsoft Azure, and Microsoft 365. Looking forward, this individual will play a key role in securing emerging AI infrastructure, including AWS Bedrock and related services as CHDI expands its use of artificial intelligence in research and operations.

Reporting to the Director, Information Technology, the Cybersecurity and Cloud Infrastructure Engineer will collaborate closely with IT, researchers, the Data Protection Officer (DPO), Data Manager, and end users to embed security best practices across the organization and ensure that all systems, accounts, and data remain protected.

The successful candidate will:

Organization Cybersecurity

  • Lead the organization’s vulnerability management program, including continuous scanning, prioritization, tracking, and remediation of identified vulnerabilities across endpoints, servers, cloud workloads, and applications.
  • Manage scheduled penetration testing engagements, including vendor selection and scoping, coordinating testing activities, reviewing findings, and driving remediation efforts to completion.
  • Develop and maintain a formal remediation tracking process and develop appropriate SOPs, working cross-functionally with IT and application owners to ensure timely resolution of critical and high-severity findings.
  • Produce clear, actionable reports on vulnerability status and remediation progress for IT leadership and organizational stakeholders.
  • Stay current on emerging threats, CVEs (Common Vulnerability and Exposures), and security advisories; assess organizational exposure and initiate appropriate response actions.
  • Manage security posture management (SPM), including Data and Cloud, tooling and ensuring findings are reviewed and addressed on a timely basis.
  • Monitor and respond to security events, alerts, and incidents across endpoints, cloud services, email, and network systems, maintaining documentation of investigations and remediation actions.
  • Manage data loss prevention (DLP) policies, information protection labels, and data classification frameworks to safeguard sensitive organizational and research data.
  • Administer email security controls including anti-phishing, anti-malware, and DMARC/DKIM/SPF configurations; investigate and respond to phishing reports and suspicious account activity.
  • Maintain and test the organization’s incident response plan; lead or support incident response activities in the event of a security breach or data loss event.
  • Develop and deliver security awareness content and communications to help staff recognize and respond to common threats such as phishing and social engineering.
  • Maintain thorough documentation of security configurations, procedures, incident records, and audit evidence.
  • Manage vendor relationships, contracts, and invoicing for security providers; hold vendors accountable to agreed-upon service levels and deliverables.
  • Other duties as assigned.

 

Cloud Infrastructure and AI Security

  • Administer and enforce security configurations across CHDI’s cloud environments, including AWS and Microsoft Azure, ensuring alignment with security baselines and industry best practices (CIS Benchmarks, NIST, etc.).
  • Secure AI infrastructure and services, including AWS Bedrock and other generative AI platforms, implementing appropriate access controls, data handling policies, SOPs, and usage governance frameworks.
  • Monitor cloud environments for misconfigurations, anomalous activity, and policy violations using cloud-native and third-party security tools (e.g., AWS Security Hub, Microsoft Defender for Cloud).
  • Collaborate with infrastructure and application teams to embed security requirements into cloud architecture decisions and new service deployments.

 

Identity and Access Management

  • Administer and govern identity and access management (IAM) across cloud platforms, including AWS IAM, Microsoft Entra ID (Azure AD), and related services, enforcing least-privilege principles and role-based access controls.
  • Work with CHDI’s DPO and Data Manager providing appropriate access to cloud-based assets.
  • Manage multi-factor authentication (MFA), conditional access policies, and privileged identity management (PIM) configurations to protect against unauthorized access.
  • Conduct periodic access reviews and entitlement certifications, working with department heads to validate that user permissions remain appropriate and aligned with job function.
  • Oversee the join/move/leave process from a security perspective, ensuring timely provisioning and de-provisioning of access across all systems and platforms.

 

Qualifications:

  • Minimum 5 years of experience in an information security or cloud security engineering role.
  • Demonstrated experience managing vulnerability management programs, including scanning tools (e.g., Tenable, Qualys) and remediation workflows.
  • Hands-on experience managing and securing cloud environments in AWS and/or Microsoft Azure, including IAM, security groups, logging, and monitoring configurations.
  • Experience managing identity and access management platforms including AWS IAM and Microsoft Entra ID (Azure AD), including conditional access and privileged identity management.
  • Familiarity with AI platform security considerations, including access governance and data handling for services such as AWS Bedrock, Azure OpenAI, or equivalent.
  • Experience coordinating penetration testing engagements with third-party vendors and driving remediation of findings.
  • Strong understanding of security frameworks and standards such as NIST CSF, CIS Controls, ISO 27001, or SOC 2.
  • Excellent written and verbal communication skills with the ability to convey complex security concepts to non-technical stakeholders.
  • Demonstrated ability to establish and maintain effective working relationships across the organization.
  • Ability to self-initiate, manage competing priorities, and respond decisively under pressure.

 

Preferred Qualifications:

  • Experience implementing or operating a Security Information and Event Management (SIEM) platform (e.g., Microsoft Sentinel, Splunk, or equivalent).
  • Familiarity with zero-trust architecture principles and implementation.
  • Experience with Microsoft Purview for data governance, compliance, and information protection.
  • Scripting or automation skills (e.g., Python, PowerShell) to support security operations and tooling.
  • Knowledge of data privacy regulations and compliance frameworks relevant to research organizations (e.g., GDPR, HIPAA, FISMA).
  • Experience in a non-profit, research, or life sciences organization.
  • Familiarity with ITIL best practices and IT service management frameworks.

 

Education / Certifications:

  • A Bachelor’s degree in a relevant field is required. One or more of the following certifications are strongly preferred:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • AWS Certified Security – Specialty
  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Identity and Access Administrator Associate (SC-300)
  • CompTIA Security+ or CySA+
  • Certified Ethical Hacker (CEH) or GIAC Penetration Tester (GPEN) (preferred, not required)

 

 

Send resume to

 

 

About CHDI Foundation, Inc.

CHDI Foundation is a private nonprofit biomedical research organization exclusively dedicated to collaboratively developing therapeutics that will substantially improve the lives of those affected by Huntington’s disease (HD).

 

About CHDI Management, Inc.

Our staff works for CHDI Management, Inc., which was established in 2002 to provide administrative and management services to CHDI Foundation, Inc.

 

About our Donors

CHDI’s activities focus solely on the collaborative development of therapeutics that will substantially improve the lives of those affected by Huntington’s disease. We are indebted to our donors, whose generosity and guidance have made possible this exclusive focus on science.