Moderna is a Cambridge, Massachusetts-based biotech company that built its name on mRNA technology. The platform is now running 45 development programs across 36 clinical trials, touching infectious diseases, immuno-oncology, rare diseases, cardiovascular disease, and autoimmune conditions. That pipeline includes SPIKEVAX, mRESVIA, and mNEXSPIKE - vaccines already in market or late-stage development, with 18 global locations scaling operations.
For a cybersecurity team, the threat surface here isn't abstract. This is a company that manufactures regulated medical products at global scale, handles sensitive clinical trial data, runs a sprawling digital infrastructure across multiple continents, and sits squarely in the crosshairs of nation-state actors and IP-focused adversaries. The attack vectors span manufacturing systems, supply chain integrations, clinical data pipelines, and the usual corporate sprawl - all of it operating under stringent regulatory frameworks.
Security roles at Moderna involve defending infrastructure that directly supports drug development and vaccine distribution. The operational tempo is fast - a company shipping 45 active programs isn't slowing down for security bottlenecks. Candidates will encounter environments where protecting proprietary mRNA research, securing GxP-validated systems, and managing risk across a multinational footprint are the concrete daily problems. The company has also committed to net-zero carbon emissions by 2030 for Scopes 1 and 2, signaling operational maturity beyond the lab bench.