Head of Global Cyber Security

3 weeks ago


San Rafael, United States BioMarin Pharmaceutical Full time
Title: Head of Global Cyber Security Location: San Rafael, CA Work style: Hybrid local onsite three days + per week Who We Are For more than two decades, going our own way has led to countless breakthroughs, bettering the lives of those suffering from rare genetic disease. In 1997 we were founded to make a big difference in small patient populations. Now we seek to make an even greater impact by applying the same science-driven, patient-forward approach that propelled our last 25 years of drug development to larger genetic disorders, as well as genetic subsets of more common conditions. Through our unparalleled expertise in genetics and molecular biology, we will continue to develop targeted therapies that address the root cause of the conditions we seek to treat. Applying our knowledge to make a transformative impact is not just a calling, but an obligation to those who will benefit most. The end goal has always been better lives and now we can reach more. And the more people we reach, the more our impact can grow. We transform lives through genetic discovery. Our Culture Our desire to make a positive impact on our patients extends to our employees and BioMarin is committed to fostering an inclusive environment where every person feels seen, valued, and heard - so employees can thrive in all areas of their lives, in and outside of work. We seek to provide an open, flexible, and friendly work environment to empower people and to provide them with the ability to develop their long-term careers. Ultimately, we want to be an organization where people enjoy coming to work and take pride in our efforts to help patients. Position Summary: The Head of Global Cyber Security is responsible for BioMarin's overall cybersecurity strategy, personnel, processes, and technologies. Reporting to the Senior Vice President and Chief Information Officer, Information Technology, this senior-level role will be a key member in the IT Leadership Team, providing cybersecurity oversight and guidance for BioMarin. The Head of Cyber Security serves as the owner for all cybersecurity activities related to the availability, integrity, and confidentiality of BioMarin's systems and information. A key element of this role is working with executive management to determine acceptable levels of risk for the organization and be able to influence all levels of leadership towards a more secure cyber posture. With the significant complexity around this function, it is vital to be an effective collaborator with the myriad of other teams and stakeholders. The successful candidate will have held a similar role as Head of Cyber Security at a comparable-sized or larger Global organization and be able to demonstrate experience leading a robust Cyber Security program as well as managing a sizeable team of both internal and outsourced resources. RESPONSIBILITIES Cyber Security Strategy and Roadmap
  • Establish annual and long-range security and compliance goals, define cybersecurity strategies, metrics, reporting mechanisms and program services.
  • Develop and manage a framework for evaluating the maturity of the cybersecurity program and a roadmap for continual improvements.
  • Stay abreast of emerging cybersecurity threats, trends, and technologies, continuously enhancing the company's security posture.
Team Management and Oversight
  • Manage team performance and support career guidance of a high performing international team that supports Governance, Risk, and Compliance GRC), Cyber Operations and Threat Intel, and Cyber Engineering.
  • Provide direction and oversight to BioMarin's augmented Cyber Security Operations Center (CSOC) and discretionary Cyber Security projects and initiatives.
Establish and Maintain Cyber Security Policies and Standards
  • Lead the development and implementation of effective and reasonable policies and practices to secure sensitive data and ensure information security and compliance with relevant regulatory and legal policies.
  • Be a true champion of partnering with business leaders and Customer Facing IT (CFIT) to ensure risk assessment and risk management processes are well understood, and cybersecurity policies and standards are consistently applied.
  • Manage the Vendor Risk assessment process, including recurring verification of vendor risk profiles.
Cyber Security Operation and Incident Response
  • Provide leadership for cybersecurity incidents and act as the primary control point during significant incidents. Convene a Cybersecurity Incident Response Team (CIRT) as needed.
  • Collaborate closely with the Cyber SOC for incident response.
  • Provide leadership for cybersecurity-related audits and reviews within the Information Management organization, and partner with other groups as necessary.
Effective Communications

Communicate complex and technical issues to diverse audiences in an easily understood and actionable manner.

  • Present updates to various levels of the organization to include quarterly updates to BioMarin Audit Committee.
  • Represent the company in discussions with regulators, industry partners, and stakeholders on information security and compliance matters.
QUALIFICATIONS Education
  • Degree in a technology-related field or business administration.
  • Professional security management certification (e.g., CISSP, CISM) preferred.
Experience
  • Minimum of 12+ years of experience in information security, risk management, and technology management.
  • Proven track record of designing and implementing effective cybersecurity programs, including risk management, threat detection, and incident response.
  • A strong background in biotech, pharmaceuticals, or healthcare is preferred.
  • Understand the unique requirements of qualified (GMP) and non-qualified environments typically utilized in the Biotech industry.
  • Knowledge of common information security management frameworks and practices, such as ISO/IEC 27001, NIST, SOX, GDPR, and HIPAA.
  • Experience with contract and vendor negotiations and management, including managed services.
  • Cost center management-ability to create an annual cyber-related budget and demonstrate quarterly financial performance.
Skills
  • Excellent written and verbal communication skills and high level of personal integrity.
  • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
  • Strong communication skills with the ability to manage up, down, and across the organization.
  • Extensive knowledge of regulatory requirements and compliance standards relevant to the biotech and healthcare industries, such as HIPAA, GDPR, FDA regulations, etc.
  • Commitment to diversity, equity, and inclusion, with a demonstrated ability to foster a culture of belonging and respect in the workplace.
Note: This description is not intended to be all-inclusive, or a limitation of the duties of the position. It is intended to describe the general nature of the job that may include other duties as assumed or assigned.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.

In the U.S., the salary range for this position is $ 236,000 to $ 354,000 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A discretionary bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

  • San Rafael, United States BioSpace, Inc. Full time

    Job Details Title: Head of Global Cyber Security Location: San Rafael, CA Work style: Hybrid local onsite three days + per week Who We Are For more than two decades, going our own way has led to countless breakthroughs, bettering the lives of those suffering from rare genetic disease. In 1997 we were founded to make a big difference in small patient...


  • san jose, United States ACL Digital Full time

    Job Role: Cyber Security Engineer VJob Type: ContractJob Location: San Jose, CA (Onsite/Hybrid)Job Description:Security Compliance EngineerThe Global Information Security team is responsible for driving security compliance activities for client Payments, Marketplaces, Corporate IT, and adjacent businesses. The Security Compliance Analyst will play a critical...


  • San Jose, United States ACL Digital Full time

    Job Role: Cyber Security Engineer VJob Type: ContractJob Location: San Jose, CA (Onsite/Hybrid)Job Description:Security Compliance EngineerThe Global Information Security team is responsible for driving security compliance activities for client Payments, Marketplaces, Corporate IT, and adjacent businesses. The Security Compliance Analyst will play a critical...


  • San Antonio, United States Global InfoTek Full time

    Clearance Level: TS/SCI US Citizenship: Required Job Classification: Full Time Location: Lackland, AFB (San Antonio, TX) Years of Experience: 5-7 years Education Level: Bachelor of Science Degree What Makes This a Great Opportunity: An exciting opportunity to work full-time developing innovative/unique cyber capabilities to assist a law...


  • San Antonio, United States General Dynamics Information Technology Full time

    Type of Requisition:RegularClearance Level Must Currently Possess:SecretClearance Level Must Be Able to Obtain:Top Secret/SCIPublic Trust/Other Required:NoneJob Family:Cyber SecurityJob Qualifications:Skills:Cyber Defense, Linux, Networks, Risk AssessmentsCertifications:Comptia PenTest+ CE - CompTIAExperience:7 + years of related experienceUS Citizenship...


  • San Antonio, United States General Dynamics Information Technology Full time

    Type of Requisition:RegularClearance Level Must Currently Possess:SecretClearance Level Must Be Able to Obtain:Top Secret/SCISuitability:Public Trust/Other Required:NoneJob Family:Cyber SecurityJob Qualifications:Skills:Cyber Defense, Linux, Networks, Risk AssessmentsCertifications:Comptia PenTest+ CE - CompTIAExperience:7 + years of related experienceUS...


  • San Francisco, United States Bluestone Software Full time

    blueStone Recruiting is a national search firm with a focus of placing top Cyber Security talent from the Analyst level to CISO with prestigious organizations nationwide.Job DescriptionReports to CISO and works with a team of Cyber Security specialists.The Cyber Security Manager is responsible for identifying risks to the confidentiality, integrity, and...


  • San Francisco, California, United States Adobe Full time

    Transformative Cyber Security InternshipAt Adobe, we're committed to empowering a culture of innovation and excellence. We're seeking a highly motivated and detail-oriented Cyber Security Intern to join our Enterprise Security team. This internship is an unparalleled opportunity to develop your skills and experience in the field of cyber security.Key...


  • san jose, United States Stellar Consulting Solutions, LLC Full time

    Job Overview:Our team is looking for a CSIRT Engineer to join our Cyber Security Incident Response Team (CSIRT). This role involves handling security operations and supporting 24x7 incident response to safeguard critical information assets. The CSIRT Engineer will investigate, respond to, and mitigate cyber threats, using advanced security methodologies to...


  • San Jose, United States Stellar Consulting Solutions, LLC Full time

    Job Overview:Our team is looking for a CSIRT Engineer to join our Cyber Security Incident Response Team (CSIRT). This role involves handling security operations and supporting 24x7 incident response to safeguard critical information assets. The CSIRT Engineer will investigate, respond to, and mitigate cyber threats, using advanced security methodologies to...


  • San Antonio, United States Clear Channel Communications, Inc. Full time

    Current employees and contingent workers click hereto apply and search by the Job Posting Title. Clear Channel Outdoor Job Summary: Clear Channel Outdoor is seeking an entry-level Cyber Security Program Associate who will support the implementation and review, socialization, and maintenance of security controls, processes, policies, and training materials....


  • San Francisco, United States Cyber Crime Full time

    Job Description:As the Senior Cyber Risk Manager, you will be responsible for overseeing the identification, assessment, mitigation, and monitoring of technology-related risks within the organization. You will play a pivotal role in ensuring our technology infrastructure remains secure, compliant, and resilient to emerging threats and vulnerabilities. The...


  • san jose, United States Stellar Consulting Solutions, LLC Full time

    Note: Only W2 workableJob Description:Job Title: Cyber Security EngineerLocation: San Jose, CA (Onsite)Length of Assignment: Long term ContractShift type: Rotational shift4 days work/week (10 hours/day)Exp.: 3 - 5 yearsDescription:Core Job Functions Include:InvestigationsEscalationsResearchEducationCommunicationsDigital ForensicsCoverageTo be successful in...


  • San Jose, United States Aditi Consulting Full time

    Description of Project:We are seeking a Security Analyst/Investigator to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations...


  • san jose, United States Aditi Consulting Full time

    Description of Project:We are seeking a Security Analyst/Investigator to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations...


  • san jose, United States Aditi Consulting Full time

    Description of Project:We are seeking a Security Analyst/Investigator to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations...


  • San Francisco, United States The Harrison-Rush Group Full time

    Head of Cyber Security investment banking, your role will be to drive revenue in the sector by developing relationships with Private Equity, Financial Sponsors and corporations. 1. Deal Origination: Your role would involve sourcing and originating deals within the cybersecurity space. This could include identifying potential acquisition targets, advising on...

  • Cyber Security Lead

    1 week ago


    San Antonio, Texas, United States TM3 Solutions Inc Full time

    Job DescriptionTM3 Solutions Inc is seeking a highly skilled Cyber Security Subject Matter Expert to join our team. As a cybersecurity expert, you will be responsible for developing and documenting cybersecurity processes, creating policy and guidance, and conducting cybersecurity inspections and training development. Your recognized expertise in...


  • san antonio, United States Insight Global Full time

    Location: San Antonio, TXDuration: 12-Month Contract w/ extensions Required Skills & Experience- Bachelor’s degree in Cybersecurity, Information Technology, or a related field.-Minimum of 3 years of experience in a cybersecurity role with a focus on GRC.- Proficiency in CJIS system configurations and NIST controls.-Strong analytical, problem-solving, and...


  • san antonio, United States Insight Global Full time

    Location: San Antonio, TXDuration: 12-Month Contract w/ extensions Required Skills & Experience- Bachelor’s degree in Cybersecurity, Information Technology, or a related field.-Minimum of 3 years of experience in a cybersecurity role with a focus on GRC.- Proficiency in CJIS system configurations and NIST controls.-Strong analytical, problem-solving, and...