Skip Navigation

Sr. Director, Global Cyber Security

Location San Rafael, California Workstyle Open to Hybrid
BioMarin is the world leader in delivering therapeutics that provide meaningful advances to patients who live with serious and life-threatening rare genetic diseases. We target diseases that lack effective therapies and affect relatively small numbers of patients, many of whom are children. These conditions are often inherited, difficult to diagnose, progressively debilitating and have few, if any, treatment options. BioMarin will continue to focus on advancing therapies that are the first or best of their kind.

By providing a foundation for all operations company wide, BioMarin’s General and Administrative teams support our mission of providing first and best in class therapeutics to patients who live with rare diseases. Our teams include groups such as finance, legal, human resources, corporate compliance and ethics, and information technology. Come join our team and make a meaningful impact on patients’ lives.

The Sr. Director, Global CyberSecurity, is responsible for BioMarin’s overall CyberSecurity strategy, personnel, processes, and technologies. Reporting to the Senior Vice President and Chief Information Officer, Information Management, the Sr. Director, CyberSecurity, is a senior-level role that will be a key participant in the Information Management Leadership Team, providing CyberSecurity oversight and guidance for BioMarin. The Sr. Director, CyberSecurity, serves as the owner for all CyberSecurity activities related to the availability, integrity, and confidentiality of BioMarin’s systems and information. A key element of this role is working with executive management to determine acceptable levels of risk for the organization.

This position is responsible for establishing and maintaining a corporate-wide CyberSecurity management program to ensure that information assets are well-protected, including establishment of a risk register, tracking and communicating status of remediation activities, and reporting to Senior Executives and the Board on a recurring basis.

The successful candidate will have held a similar role as head of CyberSecurity at a comparable-sized or larger Global organization and be able to demonstrate experience leading a robust CyberSecurity program as well as managing a sizeable team of both internal and outsourced resources.

This role is based in BioMarin’s headquarters office in San Rafael, CA.


  • Establish annual and long-range security and compliance goals, define CyberSecurity strategies, metrics, reporting mechanisms and program services.
  • Provide leadership to the CyberSecurity team, including management of BioMarin’s CyberSecurity Operations Center.
  • Develop and manage a framework for evaluating the maturity of our Cybersecurity program and a roadmap for continual improvements.
  • Lead the development and implementation of effective and reasonable policies and practices to secure sensitive data and ensure information security and compliance with relevant regulatory and legal policies.
  • Provide leadership for CyberSecurity incidents and act as primary control point during significant CyberSecurity incidents. Convene a CyberSecurity Incident Response Team (CIRT) as needed to address and investigate CyberSecurity incidents.
  • Provider leadership for CyberSecurity-related audits and reviews within the Information Management organization, with partners in BioMarin’s Global Compliance group and other business groups as necessary to meet the needs of the organization.
  • Understand and interact with business units to ensure that risk assessment and risk management processes are well understood, and that CyberSecurity policies and standards are consistently applied across all technology projects, systems, and services.
  • Partner with business stakeholders across the company to raise awareness of CyberSecurity and risk management concerns, including management of CyberSecurity awareness training.
  • Manage Vendor Risk assessment process, including recurring verification of the vendor risk profile.
  • Assist with the overall business technology planning, providing a current knowledge and future vision for technology and systems.
  • Communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner.

Other Requirements:

  • Understand the unique requirements of qualified (GMP) and non-qualified environments (Labs) networks typically utilized in the Biotech industry
  • Degree in business administration or a technology-related field
  • Professional security management certification preferred (e.g., CISSP, CISM).
  • Minimum of eight to 12 years of experience in a combination of information security, risk management and technology management
  • Knowledge of common information security management frameworks and practices, such as ISO/IEC 27001, NIST, SOX, GDPR, and HIPAA
  • Excellent written and verbal communication skills and high level of personal integrity
  • Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
  • Experience with contract and vendor negotiations and management including managed services
  • Experience with Cloud computing/Elastic computing across virtualized environments and related CyberSecurity risk identification and management

PLEASE NOTE: Absent a Medical or Religious reason that prohibits vaccinations, all our incoming employees must be vaccinated for COVID-19.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.

About our location

San Rafael


Our Benefits


Hiring Insights

We treat rare diseases, and that gives us rare opportunities. Chris Brodeur, Director, Corporate Compliance
Return to the top of the page