Senior System Security Architect
at Thermo Fisher Scientific
Texas, Texas, USA -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 14 Nov, 2024 | Not Specified | 15 Aug, 2024 | N/A | Csslp,Linux,Kubernetes,Computer Science,Docker,Information Security,Redis,Programming Languages,Operating Systems,Databases,Rabbitmq,Rest,Agile Environment,Sse,Security Architecture Design,Nginx,Communication Skills,Infrastructure Technologies | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
JOB DESCRIPTION
As part of the Thermo Fisher Scientific team, you’ll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every single day to enable our customers to make the world healthier, cleaner and safer. We provide our global teams with the resources needed to achieve individual career goals while helping to take science a step beyond by developing solutions for some of the world’s toughest challenges, like protecting the environment, making sure our food is safe or helping find cures for cancer.
EDUCATION
Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field. Professional security certifications (e.g., CISSP, CISM, CSSLP) are highly desirable.
EXPERIENCE
- Demonstrated ability in a software security role with hands-on experience in security architecture design and implementation
- Deep knowledge of security principles, technologies, and frameworks (e.g., OWASP, SANS)
- Hands-on experience with programming languages used in the organization, e.g. .NET, Go, JavaScript
- Expert knowledge about architectural principles, practices, and approaches, such as microservices
- Strong cloud knowledge, especially AWS, and secondarily Azure
- Deep understanding of operating systems and deployment technologies, including Kubernetes, Linux, NGINX, Docker, etc.
- Experience with data infrastructure technologies like databases, message brokers, and distributed caches, e.g. PostgreSQL, RabbitMQ, Redis
- Familiarity with communication methodologies, including REST, gRPC, Web Sockets, SSE, and Webhooks
- Strong analytical and problem-solving skills, with the ability to perform comprehensive security assessments and make well-informed decisions
- Experience in working in agile environment
KNOWLEDGE, SKILLS, ABILITIES
- Excellent verbal and written communication skills effectively articulate security needs and strategies to both technical and non-technical collaborators and partners
- Ability to lead and inspire a team. Strong project management and organizational skills
- Ability to work with customers and their IT representatives
Responsibilities:
Security Framework Development: Develop, maintain, and improve a comprehensive security methodology for all software engineering projects, ensuring alignment with industry standards.
Threat Modeling & Risk Assessment: Perform threat modeling and risk assessments for software architectures, identifying potential vulnerabilities and devising strategies to mitigate risks.
Security Guidelines & Standards: Establish and enforce security guidelines, standards, and policies to be followed throughout the software development process.
Collaboration & Guidance: Work closely with development teams to integrate security considerations into the software design and development processes. Provide expert mentorship on secure coding practices and vulnerability remediation.
Security Tools & Technologies: Evaluate, recommend, and implement security tools and technologies to improve the security posture of software solutions.
Incident Response: Participate in the development and execution of incident response plans, including conducting post-mortem analysis and implementing corrective actions to prevent future occurrences.
Compliance & Certification: Ensure that software solutions align with relevant regulatory and compliance requirements. Assist in the preparation for and management of audits and certifications.
Awareness & Training: Promote security awareness among development teams and collaborators. Conduct regular training sessions on standard methodologies and emerging threats.
Continuous Improvement: Continuously monitor the security landscape for emerging threats and vulnerabilities. Recommend and implement improvements to security policies, procedures, and controls.
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Information Technology
Graduate
Computer Science
Proficient
1
Texas, USA