Manager, Systems Compliance & Internal Controls

Location:  San Rafael, California Category: Accounting


BioMarin is the world leader in delivering therapeutics that provide meaningful advances to patients who live with serious and life-threatening rare genetic diseases. We target diseases that lack effective therapies and affect relatively small numbers of patients, many of whom are children. These conditions are often inherited, difficult to diagnose, progressively debilitating and have few, if any, treatment options. BioMarin will continue to focus on advancing therapies that are the first or best of their kind.

By providing a foundation for all operations company wide, BioMarin’s General and Administrative teams support our mission of providing first and best in class therapeutics to patients who live with rare diseases. Our teams include groups such as finance, legal, human resources, corporate compliance and ethics, and information technology. Come join our team and make a meaningful impact on patients’ lives.

BioMarin Finance is growing rapidly with the overall Company and is developing into a cutting-edge global finance organization. It has operations in over 40 countries that drive significant global accounting and finance complexity. The Company has ambitious growth plans and has an enthusiastic global finance team that is eager to deliver a world-class accounting and finance function to BioMarin and its stakeholders. BioMarin trades on the NASDAQ under ticker BMRN and is headquartered in San Rafael, California. In 2021, BioMarin’s commercialized products delivered total revenue of $1.8 billion.

JOB TITLE: Manager, Systems Compliance & Internal Controls


The Manager will be primarily responsible for scoping, documenting, and testing the Company’s SOX 404 IT compliance program, ensuring that the in-scope systems and IT-related processes are appropriately designed, implemented, and executed. The Manager will also manage the planning, implementation, coordination and execution of the Company’s Segregation of Duties assessment. The Manager will also support system owners in the performance of user access reviews, identify and lead continuous improvement opportunities, and strategically assess the utilization of new tools or implementations to ensure the integrity of rules and role development of users.

The Manager will report to the Internal Controls Team Lead and will closely collaborate with many global teams including the Internal Audit and External Audit teams, IT control and system owners and various business teams.

The successful candidate must be able to effectively communicate information (conceptual, technical & operational) with all levels within the organization, foster relationships across the organization, and demonstrate strong analytical skills with a solution-oriented mindset. The candidate will have the ability to multi-task, work independently in a fast-paced dynamic environment and collaborate with peers. The candidate must possess a strong desire to learn and develop new skills while providing enhancements to the current SOX 404 program. Strong organization and analytical skills, as well as attention to detail are essential. 


  • Manage the SOX IT compliance program, including the review of outsourced service provider’s scoping and risk assessment, participation in walkthroughs, and identification and validation of key controls to support the service provider’s execution of the Company’s audit of IT internal controls,
  • Facilitate internal control audit work performed by outsourced service provider and external auditors, including evaluation of identified deficiencies and timely resolution of audit findings,
  • Maintain best practices for the oversight of outsourced service providers and their SOX compliance policies and procedures,
  • Provide strategic input on the assessment of new systems, including the implementation and utilization of user roles in the environment,
  • Plan and execute the Segregation of Duties assessment through the identification and mitigation of conflicts, including evaluation of conflicts of roles and user permissions and recommendations of remediations, improvements, or alignments of the Company’s key controls,
  • Determine whether proper Segregation of Duties and dual controls are in place throughout the organization,
  • Work in partnership with members across the Company to identify, develop, recommend, and implement system enhancements and present these results to senior leadership,
  • Support system owners in the performance of User Access Reviews to identify pertinent issues,
  • Participate in the enhancement or enforcement of operational procedures arising from new risks or requirements identified,
  • Prepare or support memorandums development for the SOX program,
  • Champion internal controls and corporate governance concepts throughout the organization,
  • Work closely with the IT Security, Data Engineering and Compliance teams to ensure IT General Control documentation and monitoring programs are consistent with SOX requirements,
  • Support the Corporate Controllership on special projects and activities, as needed.



Required Skills:

  • 5-8 years previous experience in an IT Audit or Compliance position,
  • Experience with user roles, permissions, and systems management; SAP, GRC, and / or Segregation of Duties experience required,
  • Strong attention to detail, decision-making, problem-solving, time management and organizational skills,
  • Experience with all aspects of auditing a Company’s IT internal controls over financial reporting, including risk assessment and evaluation of control deviations a plus,
  • Ability to research and propose resolutions on complex issues,
  • Ability to work independently and manage time with global business partners,
  • Strong leadership and communication skills, including with audit partners, business partners, and members of the IT organization across functions and at multiple levels,
  • Demonstrated problem solving and analytical skills,
  • Strong interpersonal skills and demonstrated commitment to teamwork and partnerships,
  • Bachelor’s degree in Information Systems, Computer Programming or other IT focused degree preferred,
  • CIA or CISA preferred,
  • Excellent Excel spreadsheet skills and proficiency with other Microsoft Office products (Word, PowerPoint, etc.),

Desired Skills:

A mixture of both Public Company Audit and Industry experience would be a distinct advantage. Large company experience is also desired.


Bachelor’s degree in Information Systems or related field is required. Certified Internal Auditor or equivalent is desired. 


Corporate Controllership, IT Organization, Internal and External Auditors and other BioMarin Departments.




Employees on a Hybrid schedule can alternate time between home and office and are expected to work from the office two to four days a week. Required time in the office may depend on position and business needs.

PLEASE NOTE: Absent a Medical or Religious reason that prohibits vaccinations, all our incoming employees must be vaccinated for COVID-19.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.