Sr Product Security Architect
at Thermo Fisher Scientific
Budapest, Közép-Magyarország, Hungary -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 20 Dec, 2024 | Not Specified | 23 Sep, 2024 | 4 year(s) or above | Computer Science,Customer Service Skills,Management Skills,Documentation,Information Security,Information Systems,Cloud,Vulnerability,Medical Devices,Testing,Product Security,Iso,Subject Matter Experts,Communication Protocols,Security Controls,E Commerce | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
POSITION SUMMARY:
By enabling our product development and sustainment teams, you will help ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer.
QUALIFICATIONS:
Education
Bachelor’s Degree in Information Assurance, Information Security, Management Information Systems, Risk Management, or Computer Science (Master’s Degree a plus) or equivalent field experience
EXPERIENCE:
- 4+ years of related work experience with product security, secure software development, risk assessment, or vulnerability management and
- 4+ years working as an architect or engineer in Cloud, e-Commerce, IoT, Endpoint, Network, or Server
KNOWLEDGE, SKILLS, ABILITIES:
- Solid skills in analysis and evaluation of processes and methods.
- Solid understanding of device research methods, variables and parameters including analysis, testing and documentation.
- Solid understanding of security controls.
- Good interpersonal and documentation skills
- Deep technical skills as they apply to networking and communication protocols
- Solid understanding of regulatory requirements, especially for medical devices
- Solid understanding of standards requirements (ISO, IEC, etc.), especially for medical devices
- Solid attention to detail, organizational skills
- Understanding of how to connect new and changing threats to IoT portfolio to create mitigating or compensating activities
- Exposure to popular application security standards including OWASP ASVS and Top 10, CSC 20, etc.
- Ability to explain and champion security concepts
- Excellent customer service skills required
- Strong analytical and product management skills required
- Excellent verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers, and subject matter experts
- solid project management skills
- Relevant technical certifications a plus
Responsibilities:
- Evaluate and provide technical security architecture guidance in the assessment of the design and implementation of products
- Provide technical subject matter expertise concerning security such as Cloud, e-Commerce, IoT, Endpoint, Network, and Servers
- Maintain and mature a well-rounded cybersecurity reference architecture
- Support the development of reusable technologies and software across our product space
- Work closely with key product development leaders to ensure security is incorporated in all customer-facing product offerings
- Support efforts to inject security into all levels of the product development process
- Evaluate the business processes around product security and anticipate requirements, uncover areas for improvement, and help develop and implement solutions
- Technical lead for security efforts that ensure continuous development and improvement of security integration into the product development lifecycle
- Partner with business and product leaders to lead ongoing reviews of existing processes to enable consistent application of secure development best practices across the enterprise
- Establish and build working relationships with product development partners to maintain and improve product and application security processes
- Deep dive into assigned line of business and develop a clear understanding to understand the products they produce and support throughout the lifecycle, including new research and development efforts
- Consult on the relevant regulatory requirements and standards requirements for applicable products and communicate those to the product development partners
- Ensure product portfolio data for assigned line of business in integrated in the Product Security Database
- Act as product liaison for security related customer requests using established process
- Coordinate, support and participate in the Security Testing (penetration testing, static and dynamic analysis related activities) with internal Product and Software Security teams
- Contribute to maturing process, policy, and standards guidance
- Educate key partners on program, risks, and importance of security in our products
- Work with cross-functional business units to identify, capture, and escalate, security vulnerabilities found in Thermo Fisher products and platforms
- Ensure excellent consistency, documentation, and process across all programs
- Stay abreast of new technology developments and assess the impact to the security program to determine integration points
- Collaborate with other departments (e.g., Risk Management, Internal Audit, HR, Legal, etc.) to direct compliance issues to existing channels for investigation and resolution.
- Travel up to 25% and on call/after-hours duties may be required.
REQUIREMENT SUMMARY
Min:4.0Max:9.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Computer Science, Information Systems, Management, Management Information Systems
Proficient
1
Budapest, Hungary