Security Lead

Permanent employee, Full-time · Remote (UTC +/- 2 hrs)

About Apheris

At Apheris, we are building the future of how AI is applied in pharmaceutical R&D.
Our federated computing technology enables global pharma companies to collaborate securely on large AI models that accelerate drug discovery, without ever sharing their proprietary data. By powering multi-partner data networks across small molecules, antibodies, and protein folding, Apheris is redefining how science and AI intersect.
We currently host two flagship networks: the AI Structural Biology (AISB) Network, focused on protein co-folding and binding affinity prediction, and the ADMET Network, focused on small-molecule property prediction. In addition, we have just launched ApherisFold, an enterprise co-folding application that enables pharma teams to deploy cutting-edge models such as OpenFold3 and Boltz-2 directly within their own environments. 

About the role

We are looking for a hands-on Security Lead with strong technical depth to define, operationalize, and scale Apheris’ security capabilities. You will own cloud and application security, incident response, IT and corporate security, and security tooling across our environment.
You will collaborate closely with engineering, product, and leadership, ensuring that security is embedded throughout our systems, operations, and development processes. You will maintain and evolve the unified security control framework, build scalable security processes, and lead efforts to detect, respond to, and remediate threats.
Your focus is on anticipating risks, enabling teams, and ensuring that security is a natural part of day-to-day work. If you thrive at the intersection of technical depth, operational excellence, and cross-functional collaboration, while also influencing architecture, processes, and culture, this role is for you.

What you will do

Own cloud and application security, including AWS security architecture, IAM, network security, and secure configuration management.
Drive and continually improve application security practices, including secure coding guidance, threat modeling support, and automated security testing in the SDLC.
Lead the incident response program, including playbook development, on-call readiness, threat detection, and response coordination.
Manage vulnerability management processes, ensuring risks are identified, triaged, and remediated effectively with engineering teams.
Maintain and evolve security tooling, including monitoring, logging, SIEM/alerting, and secrets management.
Collaborate with engineering and platform teams to embed security considerations into design and architectural decisions.
Contribute to the unified control framework, ensuring strong security foundations for ISO 27001 and SOC 2
Own corporate and IT security, including endpoint management (e.g., MDM), identity and access management, and oversight of the external IT provider.
Lead security reviews by our customers, acting as a confident, trusted partner to enterprise clients throughout their evaluation process.
Stay ahead of emerging threats, technologies, and best practices to continuously uplift Apheris’ security posture.

What we expect from you

A degree in computer science, engineering, or equivalent hands-on experience in technical roles.
5+ years of experience in security engineering, cloud security, application security, or similar technical security roles.
Hands-on expertise with AWS security architecture, identity and access management, network security, and modern DevOps practices.
Experience implementing or supporting secure development lifecycle (SDLC) practices, collaborating closely with engineering.
Strong understanding of modern authentication, authorization, secrets management, and infrastructure-as-code security.
Demonstrated experience handling security incidents, vulnerability management, or threat detection.
Demonstrated experience with large-enterprise security and compliance expectations, including how major corporates conduct security reviews and vendor due-diligence processes.
Ability to build strong relationships across engineering and influence secure design decisions.
A pragmatic, solution-oriented mindset that balances security, usability, and speed.
Experience mentoring team members and helping them grow their security skills.

Nice to have

Experience maintaining compliance programs such as ISO 27001 or SOC 2.
Experience acting as a Data Protection Officer or supporting regulation like GDPR.
Experience leading and developing teams, with the ability to mentor others and scale a security function in a fast-growing environment.
Understanding of pharma deployment environments and integrations with common R&D platforms (e.g., Schrödinger LiveDesign, Benchling).
Experience working in B2B SaaS environments, particularly with AI-powered or data-intensive products, and an understanding of the security considerations that come with them.
Experience working directly with external partners, customers, and users in fast-moving, high-stakes projects.

What we offer you

Industry-competitive compensation, including early-stage virtual share options
Remote-first working - work where you work best, whether from home or a co-working space near you
Great suite of benefits, including a wellbeing budget, mental health benefits, a work-from-home budget, a co-working stipend and a learning and development budget
Generous holiday allowance
Office Days at our Berlin HQ or a different European location (3x a year)
A fun, diverse team of mission-driven individuals with a drive to see AI and ML used for good
Plenty of room to grow personally and professionally

Apply for this job

Your application!

We appreciate your interest in Apheris. Please fill in the following short form. Should you have any difficulties in uploading your files, please contact us by mail at career@apheris.com.