Associate Director, Threat and Incident Management
Location United States, RemoteWorkstyle Remote Only Apply
Reporting to the Head of Global Cybersecurity, The Associate Director (A.D.) of Threat and Incident Management, is responsible for BioMarin’s threat intelligence, incident management, and Cybersecurity Operations Center (CSOC) capabilities. This person will also be a key member of the Cybersecurity Leadership Team and will help to build and operate the cybersecurity program as a whole.
A key element of this role is working cross functionallyat all levels across BioMarin to develop, maintain, and executeour cybersecurity incident response plan.
The ideal candidate will have a broad understanding of all cybersecurity capabilities, with deep expertise in building and operating threat, incident, and security operations capabilities. This person will need to be proficient in managing technical teams, partnering with peers in all functions, and communicating to senior executives.
- Build, mature, and operate tactical and strategic cybersecurity threat intelligence capability. Ensure output from this capability is fed into cybersecurity identification, protection, and response capabilities.
- Build, mature, and operate cybersecurity incident management capability. Act as cybersecurity incident manager. Train personnel and build redundancy into capability to ensure optimal execution and predictability.Partner with Global Compliance & Ethics team to connect cybersecurity incident management with crisis management and business continuity processes.
- Build, mature, and operate 24x7 Cybersecurity Operations Center (CSOC). Ensure that this capability is highly process driven and able to respond to cybersecurity events and incidents rapidly and effectively.
- Establish long-term roadmap for threat, incident, and CSOC capabilities to ensure that these they continue to provide value to BioMarin and achieve agreed upon maturity and performance goals.
- Manage FTE and contract resources in the delivery of BioMarin’s threat, incident, and CSOC capabilities. Establish a multi-year workforce plan to ensure that resourcing keeps pace with business need.
- Establish and monitor key performance indicators for threat, incident, and CSOC capabilitiesand ensure that performance goals are achieved.
- Work with Head of Global Cybersecurity and other members of the Cybersecurity Leadership Team to establish and execute a long-term cybersecurity roadmap that appropriately addresses the cybersecurity risks to BioMarin.
- Work cross-functionally at all levels of the organization to build and operate cybersecurity incident management capabilities to reduce the likelihood and impact of cybersecurity incidents.
- Professional security management certification preferred (e.g., CISSP, CISM).
- Minimum of six years of experience in a cybersecurity leadership role.
- Knowledge of common information security management frameworks and practices, such as ISO/IEC 27001, NIST CSF, SOX, GDPR, and HIPAA.
- Excellent written and verbal communication skills and high level of personal integrity.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Experience with contract and vendor negotiations including managed services.
- Experience working with Biotech or Pharmaceutical companies a plus.