Security and Compliance Administrator

Redwood City, CA /
IT /
Full Time Employee (FTE)
Position Summary
You recognize cyber security as the management of risk associated with people, process, technology and data. You understand how to use the Microsoft Ecosystem to design “Zero Trust - Identity and Data Centric” solutions that will mitigate these risks and ensure compliance. You are an astute advisor on Security Transformation, Security Strategy and Security Operations.  

Essential Responsibilities:

    • Security & Compliance practitioner: Experienced with solutions and architectures for confidentiality, integrity and availability, including endpoint detection and response, anti-malware, persistent threats, email security, user behavior analytics, threat intelligence, threat hunting and forensics, information protection, application security management, auditing and governance.
    • Identity practitioner: Experienced professional conversant in cloud-based identity and access management solutions that extend security, governance, and compliance to SaaS, PaaS and IaaS.
    • Practitioner mindset: Committed to knowing not just what tools can do, but also to practicing the skills required to successfully implement a solution.
    • Technical experience with cloud and hybrid infrastructures, architecture designs, and technology management; broad experience with Microsoft 365 Security and Compliance, Azure Security, MDM / MAM, and Windows 10.
    • Technical depth: Practical enterprise experience with configuration and implementation of Microsoft or other security & compliance solutions.
    • Excellent communicator: Outstanding written and verbal communication, collaboration, organizational and presentation skills.
    • Executive engagement: Validated experience engaging with senior-level executives preferred.
    • Growth mindset: Experience and passion for learning (technical and professional skills); implementing practices from others; trying, failing, and learning from both successes and failures; sharing practices and knowledge for others’ benefit.
    • Act as a “Trusted Advisor” on best practices to protect information, giving effective advice in large-scale technology projects while working at all levels.
    • Review, monitor and develop Biomea Fusion’s security and compliance posture across physical and logical infrastructures, centralizing on the Microsoft 365 technology stack:
        • Security Center, Compliance Center, Endpoint Manager, CAS, LAN, WAN, firewall and edge security.
    • Carry out threat and risk assessments and develop security architecture to mitigate threats.
    • Maintain and develop Biomea Fusion’s compliance initiatives and audits (e.g., SOX, 21 CFR Part 11, GxP, GDPR, CCPA, etc.).

Education and Experience Requirements:

    • Certification in Microsoft 365 Security Administration or Azure Security Engineer, preferred
    • Bachelor’s Degree in computer science or related preferred  
    • Life Science experience preferred 
    • 5+ years of extensive security compliance auditing or implementation experience.
    • Exposure to AWS, Azure and GCP.

Strong technical skills to design and implement O365 Security services, with hands-on experience with several of the items outlined below:

    • Manage identity and access. 
    • Hybrid environments (Connectivity, sync services, and authentications) 
    • Azure AD self-service password reset and Azure AD access reviews
    • Authentication Methods (sign-on security, multi-factor authentication (MFA), device sign-on methods, manage authentication methods) 
    • Conditional Access (Compliance and conditional access policies, device compliance policy, conditional access policy) 
    • Role-based access control (RBAC) 
    • Azure AD Privileged Identity Management (PIM) 
    • Azure AD Identity Protection (User risk policy and sign-in risk policy) 
    • O365 ATP - Advanced Threat Protection (Anti-phishing protection, anti-spoofing, anti-spam protection, Safe-Attachments, Safe Links, anti-malware solution, and tests using Attack Simulator) 
    • Information Protection 
    • Secure data within O365 (Customer Lockbox, Office 365 collaboration workloads, SharePoint, Teams, and B2B sharing for external users) 
    • Azure Information Protection (Azure Rights Management, labels and conditions, templates, AIP scanner, RMS connector, tenant keys, integrate AIP with Microsoft Online Services) 
    • Data Loss Prevention (Manage DLP policies, manage sensitive information types) 
    • Cloud App Security (Plan implementation and configuration) 
    • O365 Governance and Compliance 
    • Security reporting (Windows Analytics, Office Telemetry, Office 365 Secure Score, Azure Log Analytics integration, and alert policies in the O365 Security and Compliance Center)
    • Audit logs and reports (Office 365 auditing and reporting) 
    • O365 classification and labeling (Data governance classification and labels) 
    • Data governance and retention (Retention policies, data governance reports and dashboards, Information holds, import data in the Security and Compliance Center, manage inactive mailboxes) 
    • Search and investigation (Content search and eDiscovery, export content search results, and manage eDiscovery cases) 
    • Data privacy regulation compliance (Regulatory compliance in Microsoft 365, review and interpret GDPR dashboards and reports, Compliance Manager reports) 
    • Ability to integrate Microsoft cloud technologies with third-party security products such as Lookout, Zscaler, MobileIron, AirWatch, Splunk, Symantec, Ping, Okta, SailPoint, etc.

Industry:

    • Biotechnology

Employment Type:

    • Full-Time

Equal Employment Opportunity

At Biomea Fusion, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer, we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.