Security Lead

At Apheris, we are building the future of how AI is applied in pharmaceutical R&D.
Our federated computing technology enables global pharma companies to collaborate securely on large AI models that accelerate drug discovery, without ever sharing their proprietary data. By powering multi-partner data networks across small molecules, antibodies, and protein folding, Apheris is redefining how science and AI intersect.
We currently host two flagship networks: theAI Structural Biology (AISB) Network,focusedon protein co-folding and binding affinity prediction, and theADMET Network,focusedon small-molecule property prediction. In addition, we have just launchedApherisFold, an enterprise co-folding application that enables pharma teams to deploy cutting-edge models such as OpenFold3 and Boltz-2 directly within their own environments.

• A degree in computer science, engineering, or equivalent hands-on experience in technical roles.
• 5+ years of experience in security engineering, cloud security, application security, or similar technical security roles.
• Hands-onexpertisewith AWS security architecture, identity and access management, network security, and modern DevOps practices.
• Experience implementing or supporting secure development lifecycle (SDLC) practices, collaborating closely with engineering.
• Strong understanding of modern authentication, authorization,secretsmanagement, and infrastructure-as-code security.
• Demonstrated experience handling security incidents, vulnerability management, or threat detection.
• Demonstrated experiencewith large-enterprise security and compliance expectations, including how major corporates conduct securityreviewsand vendor due-diligence processes.
• Ability to build strong relationships across engineering and influence secure design decisions.
• A pragmatic, solution-oriented mindset that balances security, usability, and speed.
• Experience mentoring team members and helping them grow their security skills.

• Industry-competitive compensation, including early-stage virtual share options
• Remote-first working - work where you work best, whether from home or a co-working space near you
• Great suite of benefits, including a wellbeing budget, mental health benefits, a work-from-home budget, a co-working stipend and a learning and development budget
• Generous holiday allowance
• Office Days at our Berlin HQ or a different European location (3x a year)
• A fun, diverse team of mission-driven individuals with a drive to see AI and ML used for good
• Plenty of room to grow personally and professionally

We are looking for a hands-onSecurity Leadwith strong technical depth to define, operationalize, and scale Apheris’ security capabilities. You will own cloud and application security, incident response,IT and corporate security,and security tooling across our environment.
You will collaborate closely with engineering, product, and leadership, ensuring that security is embedded throughout our systems, operations, and development processes. You willmaintainand evolve the unified security control framework, build scalable security processes, and lead efforts to detect, respond to, and remediate threats.
Your focus is on anticipating risks, enabling teams, and ensuring that security is a natural part of day-to-day work. If you thrive at the intersection of technical depth, operational excellence, and cross-functional collaboration, while also influencing architecture, processes, and culture, this role is for you.

• Experiencemaintainingcomplianceprogramssuch as ISO 27001 or SOC 2.
• Experience acting as a Data Protection Officer or supporting regulation like GDPR.
• Experience leading and developing teams, with the ability to mentor others and scale a securityfunctionin a fast-growing environment.
• Understanding ofpharma deployment environments and integrations with common R&D platforms (e.g.,SchrödingerLiveDesign,Benchling).
• Experience working in B2B SaaS environments, particularly with AI-powered or data-intensive products, and an understanding of the security considerations that come with them.
• Experience working directly with external partners, customers,andusers in fast-moving, high-stakes projects.

• Own cloud and application security, including AWS security architecture, IAM, network security, and secure configuration management.
• Drive and continually improve application security practices, including secure coding guidance, threat modeling support, and automated security testing in the SDLC.
• Lead the incident response program, including playbook development, on-call readiness, threat detection, and response coordination.
• Manage vulnerability management processes, ensuring risks areidentified, triaged, and remediated effectively with engineering teams.
• Maintain and evolve security tooling, including monitoring, logging, SIEM/alerting, andsecretsmanagement.
• Collaborate with engineering and platform teams to embed security considerations into design and architectural decisions.
• Contribute to the unified control framework, ensuring strong security foundations for ISO 27001 and SOC 2
• Own corporate and IT security, including endpoint management (e.g., MDM), identity and access management, and oversight of the external IT provider.
• Lead securityreviews by our customers, acting asa confident, trustedpartnerto enterprise clients throughout their evaluation process.
• Stay ahead of emerging threats, technologies, and best practices to continuously uplift Apheris’ security posture.