Director, Cybersecurity Engineering
BioMarin is the world leader in delivering therapeutics that provide meaningful advances to patients who live with serious and life-threatening rare genetic diseases. We target diseases that lack effective therapies and affect relatively small numbers of patients, many of whom are children. These conditions are often inherited, difficult to diagnose, progressively debilitating and have few, if any, treatment options. BioMarin will continue to focus on advancing therapies that are the first or best of their kind.
By providing a foundation for all operations company wide, BioMarin’s General and Administrative teams support our mission of providing first and best in class therapeutics to patients who live with rare diseases. Our teams include groups such as finance, legal, human resources, corporate compliance and ethics, and information technology. Come join our team and make a meaningful impact on patients’ lives.
The Associate Director (A.D.) of Cybersecurity Engineering, is responsible for BioMarin’s core cybersecurity technology and capabilities. A key element of this role is working cross functionally at all levels across BioMarin to develop, maintain, and execute BioMarin’s cybersecurity strategy. The A.D. of Cybersecurity Engineering will also be responsible for leading an onsite and remote team for the delivery and enforcement of architecture, engineering, and integration of cybersecurity and enterprise technologies.
This person will be a key member of the Cybersecurity Leadership Team and will help to build and operate the cybersecurity program as a whole.
The ideal candidate will have a broad understanding of all cybersecurity capabilities, with deep expertise in building and operating core security technologies. This person will need to be proficient in managing technical teams, partnering with peers in all functions, and communicating to senior executives.
- Build, mature, and operate tactical and strategic cybersecurity technology capabilities. Ensure output from this capability is fed into cybersecurity identification, protection, and response capabilities.
- Build, mature, and operate cybersecurity SDLC. Act as cybersecurity consultant and champion. Partner with Information Management and Business Units for architecture design, review, and approval.
- Build, mature, and operate Cyber Incident Response Team capabilities. Ensure that this capability is highly process driven and able to respond to cybersecurity events and incidents rapidly and effectively.
- Establish long-term technology roadmap for cyber investments to ensure that these they continue to provide value to BioMarin and achieve agreed upon maturity and performance goals.
- Manage FTE and contract resources in the delivery of BioMarin’s engineering, incident response, and CSOC capabilities. Establish a multi-year workforce plan to ensure that resourcing keeps pace with business need. Train personnel and build redundancy into capability to ensure optimal execution and predictability.
- Establish and monitor key performance indicators and ensure that performance goals are achieved.
- Work with Head of Global Cybersecurity and other members of the Cybersecurity Leadership Team to establish and execute a long-term cybersecurity roadmap that appropriately addresses the cybersecurity risks to BioMarin.
- Work cross-functionally at all levels of the organization to build and operate cybersecurity capabilities to reduce the likelihood and impact of cybersecurity incidents.
- Professional security management certification preferred (e.g., CISSP, CISM).
- Minimum of six years of experience in a cybersecurity leadership role.
- Strong understanding of UEBA, EDR, ATP, DNS Filtering, PAM, and EPM preferred
- Broad understanding of network, infrastructure, and identity security technologies preferred
- Knowledge of common information security management frameworks and practices, such as ISO/IEC 27001, NIST CSF, SOX, GDPR, and HIPAA.
- Excellent written and verbal communication skills and high level of personal integrity.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Experience with contract and vendor negotiations including managed services.
- Ability to participate in off-hour handling of security incident.
- Experience working with Biotech or Pharmaceutical companies a plus.
PLEASE NOTE: Absent a Medical or Religious reason that prohibits vaccinations, all our incoming employees must be vaccinated for COVID-19.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.