Lead Cloud Cybersecurity Specialist

Location:  San Rafael, California Category: Information Technology


Who We Are

For more than two decades, going our own way has led to countless breakthroughs, bettering the lives of those suffering from rare genetic disease. In 1997 we were founded to make a big difference in small patient populations. Now we seek to make an even greater impact by applying the same science-driven, patient-forward approach that propelled our last 25 years of drug development to larger genetic disorders, as well as genetic subsets of more common conditions. Through our unparalleled expertise in genetics and molecular biology, we will continue to develop targeted therapies that address the root cause of the conditions we seek to treat. Applying our knowledge to make a transformative impact is not just a calling, but an obligation to those who will benefit most. The end goal has always been better lives and now we can reach more.

And the more people we reach, the more our impact can grow. We transform lives through genetic discovery.

Our Culture

Our desire to make a positive impact on our patients extends to our employees and BioMarin is committed to fostering an inclusive environment where every person feels seen, valued, and heard – so employees can thrive in all areas of their lives, in and outside of work. We seek to provide an open, flexible, and friendly work environment to empower people and to provide them with the ability to develop their long-term careers. Ultimately, we want to be an organization where people enjoy coming to work and take pride in our efforts to help patients.

The Lead Cloud Cybersecurity Specialist of IM Security and Compliance is a hands-on senior technical subject-matter-expert who define and execute the security architecture, standards, configuration, and monitoring of cloud services at BioMarin. This position reports to the Director of Cybersecurity Engineering.


  • You will bring your security architecture, engineering, and analysis skills to apply across a hybrid-cloud and multi-cloud environment that includes Amazon Web Services (AWS) and Microsoft Azure/M365; including various Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) components.
  • You will be the top-tier escalation point for all internal and external stakeholders related to cloud security alerts, incidents, best practices, and standards.
  • In doing so, you will protect BioMarin, it's business partners, customers and its legal entities across the globe from security incidents.
  • Support IT and Development Teams as-need with cloud architecture and configuration advice and support.
  • Provide overall backup and support the Cybersecurity team for any other security projects or tasks.
  • Self-driven and fully accountable for independent effort.
  • Continuously review the security posture of BioMarin's cloud environments to ensure the safety and security of the environment, accounts, applications, and data.
  • Recommend and implement configuration standards to ensure the safety and security of the environment, accounts, applications, and data; and to enable effective automated security monitoring.
  • Liaise with engineering teams, and integrate into the DevOps process, to ensure security implications are considered early in the process and implemented at appropriate times.
  • Support the Vulnerability Management Process by monitoring vulnerability scans and dashboards for cloud environments and coordinating appropriate patching and upgrading with system owners.
  • Act as a Subject-Matter Expert on Cloud Best Practices for all areas of the business, providing guidance and support as needed
  • Support the audit process by preparing and producing evidence of effective control operations during the audit period
  • Ensure controls are always operated effectively
  • Work with System Owners to remediate any deficiencies
  • With a particular focus on cloud environments and tools, monitor alerts, detections, or other indicators of compromise/attack from information security solutions, including but not limited to:
    • End-point Detection and Response Agents
    • Monitor security platforms’ health for errors, misconfigurations, or performance alerts
    • Support response and investigation efforts into all security events, and perform root cause analysis
    • Leverage SIEM and UEBA platforms by creating and executing search queries to monitor cloud environments for potential security incidents
  • Maintain an understanding and awareness of the overall cyber threat landscape (advanced persistent threat groups, malware campaigns, botnets, hacktivism, DDoS attacks, geopolitical activities, etc.)
  • Coordinate and share information with other teams, including IT and Cybersecurity
  • Provide inputs for Key Performance Indicators (KPIs) to help determine the effectiveness of security controls.
  • Perform all of the above in a diverse environment including Cloud (IAAS/SAAS), On-Premise, and Legacy Systems.


  • Bachelor's degree in Computer Science, Information Technology is preferred
  • Security Certifications preferably Azure Architect Certification, Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP)
  • 10+ years of direct experience in cybersecurity with included experience of 3-5 years in Cloud Security
  • Experience with implementing security solutions in Azure or AWS environment
  • Utilize critical thinking skills and not hesitate to question status quo
  • An industry-standard cloud certification
  • Demonstrate ability to effectively communicate technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management, and business
  • Strong interpersonal skills: including excellent communication, written and presentation skills, ability to multi-task effectively, complete projects and perform daily tasks with minimal supervision and ability to set and meet deadlines
  • Ability to participate in occasional off-hours handling of security incidents
  • Ability to work a flexible schedule based on department and company needs
  • Ability to travel as needed (anticipated 5%)


Technologies/Software Experience

  • Cloud security industry standards and best practices (CSA CCM, CIS benchmarks, etc.)
  • Deploy and troubleshoot an application at scale in the cloud
  • Basic knowledge of TCP, IP, HTTP and basic application architecture
  • Basic knowledge of how cloud components communicate from a client to the cloud and a backend data system
  • Proficient use of Linux, MacOS, and Windows Operating System tools (such as curl, wget, nslookup, etc)
  • Operating and maintaining tools across Cloud security technology stack (CSPM, CWPP, SASE, CASB, CIEM, Cloud native features like GuardDuty, AWS Config, Amazon Inspector, etc.)
  • Working proficiency with at least one scripting language (Python, Javascript, Java, etc.)
  • Knowledge of compliance frameworks and industry standards such as NIST 800-171, NIST 800-53, and SSAE18 (SOC 2)
  • Deep understanding of API based security & compliance standards

PLEASE NOTE: Absent a Medical or Religious reason that prohibits vaccinations, all our incoming employees must be vaccinated for COVID-19.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.