Lead Cyber Security Engineer

Van Andel Institute (VAI), a world-class biomedical research institute, located in Grand Rapids, Michigan, is dedicated to improving human health. We are pioneers in the fight against cancer, Parkinson's, and other diseases. We are committed to inspiring the next generation of scientists and educators.

Van Andel Institute is seeking a Lead Cyber Security Engineer responsible for driving the strategic design, implementation, and continuous evolution of the organization’s security program.

You will provide both technical and operational leadership across security engineering and security operations, with direct accountability for incident response, threat detection, and the effectiveness of enterprise security controls. This position plays a critical role in protecting biomedical research assets, ensuring compliance with federal grant requirements, and advancing overall cybersecurity maturity.

What You'll Do

Security Architecture & Strategy

• Lead the development and execution of enterprise security architecture strategy and multi-year roadmap

• Design and implement secure infrastructure across cloud (Azure, AWS, M365) and on-prem environments

• Architect secure research computing environments, including data enclaves for controlled datasets (e.g., dbGaP)

• Ensure alignment with NIST CSF, NIST SP 800-171, NIH, GDS Policy, and CUI program requirements

Security Engineering & Operations

• Oversee the implementation and effectiveness of security controls (EDR, SIEM, MFA, firewalls, vulnerability scanners, email/web security)

• Lead vulnerability management and remediation programs

• Drive IAM strategy, third-party risk assessments, and secure system design reviews

• Mature SOC capabilities including detection engineering, monitoring, and response

Incident Response & Threat Management

• Serve as Incident Commander for major cybersecurity events

• Lead enterprise incident response coordination, tabletop exercises, and red/blue team simulations

• Develop and enhance threat detection capabilities in alignment with security frameworks

• Evaluate emerging threats targeting biomedical IP and research environments

• Ensure breach notification and incident reporting compliance with NIH and federal guidelines

Risk, Compliance & Governance

• Translate technical risks into executive-level metrics and reporting

• Lead audit readiness, regulatory reviews, and corrective action planning

• Maintain alignment with federal compliance requirements and grant obligations

• Develop and maintain security policies, standards, and SOPs

• Partner with Legal, HR, Finance, IT, and Research teams on risk and compliance initiatives

• Coordinate with grants management and compliance offices during incidents and audits

What You’ll Work With

• Enterprise security platforms including MDR, EDR, network and threat intelligence solutions

• Identity and Access Management strategy, MFA, and privileged access controls

• Cloud security architectures across Microsoft 365, Azure, and AWS

• Oversight and shared management of network security technologies such as next-gen firewalls, IDS/IPS, and secure web/email gateways

• Vulnerability management platforms and remediation workflows

• Secure research environments handling Controlled Unclassified Information (CUI) and genomic data

• Compliance frameworks including NIST CSF, NIST SP 800-171, NIH requirements, and GDS Policy

• Cross-functional systems spanning IT infrastructure, research computing, and enterprise applications

What We're Looking For

Required:

• Bachelor’s degree in Cybersecurity, Computer Science, or related technical field (or equivalent experience)

• 5–8 years of experience in cybersecurity engineering and operations

• 3+ years in a leadership, technical lead, or program oversight role

• Strong expertise in enterprise security architecture and risk management frameworks

• Hands-on experience with vulnerability management tools and methodologies

• Proven ability to lead incident response and security operations programs

• Strong analytical and risk quantification skills

Preferred:

• Experience in biomedical research, higher education, or federally regulated environments

• Professional certifications such as CISSP, CISM, CCSP, CCNP Security, or CRISC

• Deep knowledge of MITRE ATT&CK and adversary tactics targeting research institutions

• Experience with federal compliance standards including NIH, CUI, and GDS Policy

• Strategic thinker with strong execution capability

• Ability to communicate complex technical risks to executive stakeholders

• Leadership, mentorship, and cross-functional influence

• Strong incident command and crisis management skills

• Continuous improvement mindset with a focus on operational maturity

Compensation and Benefits

All full-time employees of Van Andel Institute are eligible for benefits effective Day One. VAI offers a competitive and comprehensive benefits package.

Your Next Steps

If you’re excited about shaping Cybersecurity transformations and deliver value in a mission-driven organization, we’d love to connect.

To apply, please submit a PDF that includes:

•        A cover letter describing your interest in the role and alignment with your experience

•        Your current resume

•        Names and contact information for three professional references

About Van Andel Institute

Established in Grand Rapids, Michigan, in 1996 by the Van Andel family, VAI is now home to nearly 500 scientists, educators and support staff, who work with national and international collaborators to foster discovery. The Institute’s scientists study the origins of cancer, Parkinson’s and other diseases and translate their findings into breakthrough prevention and treatment strategies. Our educators develop inquiry-based approaches for K–12 education to help students and teachers prepare the next generation of problem-solvers, while our Graduate School offers a rigorous, research-intensive Ph.D. program in molecular and cellular biology.

VAI is committed to excellence through broad participation and diverse perspectives. We welcome applications from individuals of all backgrounds and experiences who share our passion for innovation and collaboration.

Van Andel Institute is an Equal Employment Opportunity (EEO) and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) Employer.   

As Van Andel Institute is a drug free employer, all prospective new employees undergo a urinalysis/drug test as part of our pre-employment process.  This is a 7-panel drug screen and it includes testing for Marijuana, Cocaine, Amphetamines, Opiates, PCP, Barbiturates, and Benzodiazepines. 

About Grand Rapids, MI  

Van Andel Institute is in downtown Grand Rapids, Michigan in the center of the Medical Mile.  A remarkable combination of a cosmopolitan atmosphere and small-town warmth, Grand Rapids is known for its philanthropic and sustainability-driven community. It’s fun affordable and family-friendly.  

Located on the banks of the Grand River, Grand Rapids offers all the big-city excitement you'd expect from a million-resident metropolis, featuring hundreds of restaurants and nightspots, theaters, museums, sports and concerts. The safe and clean downtown is surrounded by an eclectic mix of walkable neighborhoods and natural areas. The downtown area is safe and clean with an eclectic mix of walkable neighborhoods and natural areas.