Cyber Security Engineer
BioMarin is the world leader in delivering therapeutics that provide meaningful advances to patients who live with serious and life-threatening rare genetic diseases. We target diseases that lack effective therapies and affect relatively small numbers of patients, many of whom are children. These conditions are often inherited, difficult to diagnose, progressively debilitating and have few, if any, treatment options. BioMarin will continue to focus on advancing therapies that are the first or best of their kind.
By providing a foundation for all operations company wide, BioMarin’s General and Administrative teams support our mission of providing first and best in class therapeutics to patients who live with rare diseases. Our teams include groups such as finance, legal, human resources, corporate compliance and ethics, and information technology. Come join our team and make a meaningful impact on patients’ lives.
The Cyber Security Engineer is responsible for safeguarding the organization's computer network and systems and assists in the execution of company information security strategy. The Information Security Engineer reports to the Associate Director, IM Security & Compliance. The ideal candidate will demonstrate a balance of soft skills (internal consulting, subject matter expertise and security vendor management) and technical skills (configuration, troubleshooting and administration) to meet the organization's information security needs.
The Information Security Engineer's responsibilities include, but are not limited to:
- Lead investigations related to security issues and incidents
- Executes Containment, Eradication of cyber security incidents
- Assume responsibility for managing the lifecycle of and administrating Endpoint, Server, and Network security solutions
- Implement and manage security tools, such as Advanced End Point Protection (EDR), Web Filtering Applications, Vulnerability Management, SIEM, SOAR tools etc.
- Responsible for Threat and Vulnerability management
- Partner with IT teams in rolling out security controls to a globally distributed workforce
- Coordinate with IT teams in addressing vulnerabilities, mitigations, and participate in system design and architecture
- Partner with Managed Security Service Provider (MSSP), Cloud Hosting Providers and other Managed Service Providers
- Act as subject matter expert and provide consultative support on internal projects related to or involving information security
- Provide security requirements and recommendations to the business to ensure secure project implementations
- Manage annual penetration testing and Cyber audit commitments
- Other duties as assigned
- Minimum 7+ years experience in IT Systems Engineering
- Minimum 2+ years experience in Information/Cyber Security or similar experience
- Bachelor's degree in Computer Science, or related field of study
- Security Certifications preferred (CISSP, CEH, CISA, CISM, GIAC, CRISC)
- Understanding of cyber security standards and frameworks
- Hands-on experience in IaaS, PaaS, SaaS, including Identity and Access Management roles. Strong understanding of network security techniques, infrastructure threat modeling and secure design, and the OWASP Top Ten
- Familiarity with various forms of encryption and hashing, and their appropriate use cases
- Demonstrated knowledge of regulatory requirements (SOX, ISO, and FDA) preferred
- Prior hands on experience with UEBA, EDR, ATP, DNS Filtering, PAM & EPM preferred
- Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel
- Ability to independently prioritize multiple competing tasks
- Ability to participate in occasional off-hours handling of security incidents
- Must be able to work independently with minimal supervision
- Ability to work a flexible schedule based on department and company needs
- Ability to travel as needed (anticipated 5%)
salary is dependent upon region in where you live
PLEASE NOTE: Absent a Medical or Religious reason that prohibits vaccinations, all our incoming employees must be vaccinated for COVID-19.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.