Website Protection Architect

at  Thermo Fisher Scientific

JOB DESCRIPTION

When you join us at Thermo Fisher Scientific, you’ll be part of an inquisitive team that shares your passion for exploration and discovery. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create significant contributions to the world.

EDUCATION

• Bachelor’s Degree in cybersecurity, computer science, engineering or other relevant field. Equivalent work experience also accepted.

EXPERIENCE

• Experience as an Application/Product Security Engineer, Architect or Developer
• Experience in developing remediation and solutions for product or infrastructure vulnerabilities
• A background integrating security testing into the SDLC (preferably the SCRUM framework)
• Previous work as a technical security architect or related security role in a company where there is a commitment to information security and technology
• Demonstrated experience using DAST and SAST tools and services
• Experience providing security information to developers
• Certifications such as GWEB, CASE, CSSLP, C|EH, or C|PENT preferred

KNOWLEDGE, SKILLS, ABILITIES

• Solid foundation in web application fundamentals and core security concepts involved in securing and/or hardening web applications. Including but not limited to HTTP, TLS, DNS, Domains, CDN, WAF, OSI Layers, OWASP, CWE, Git, Jenkins, Github and TCP vs UDP concepts.
• Including:
• Communicate effectively with engineers, business and executive leaders to assist in clear understanding of requirements and how to secure a variety of environments.
• Analyzes current offerings for business impact and exposure, based on emerging security threats, vulnerabilities and risks.
• Knowledge or experience with web application compliance standards or regulatory frameworks.
• Performing ad-hoc security tests and scans on web properties in support of confirming the validity of vulnerabilities and/or the degree of success in remediation actions.
• Identifying and reporting on security vulnerabilities, risks, and incidents.
• Recommending and implementing security patches, fixes, and enhancements.
• Developing and maintaining security policies, procedures, and documentation.
• Providing security training and awareness to the IT, development, and content teams.
• Staying up to date with the latest web security trends, threats, and standard methodologies.
• Experience breaking down complex systems and applications to find flaws
• Proficiency in reading, writing, and auditing .NET, C#, Python, Java, and/or JavaScript-based frameworks and the ability to pick up new languages/technologies
• Strong familiarity with common vulnerabilities and attack vectors
• Knowledge of web service technologies, load balancer services (i.e. Nginx, Cloudflare, F5, etc.) and RESTful APIs
• Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL/TLS, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
• Experience performing code analysis of large applications, manually and using SAST and DAST scanning solutions as well as conducting manual vulnerability analysis
• Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments
• The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management
• Excellent written and verbal communication skills, interpersonal and collaborative skills
• Must be a critical thinker, with strong problem-solving skills
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
• Self-starter, positive attitude, ability to work independently, enjoys learning and staying ahead of industry developments, regulations and standard methodologies.
  Our Mission is to enable our customers to make the world healthier, cleaner and safer. Watch as our colleagues explain 5 reasons to work with us. As one team of 100,000+ colleagues, we share a common set of values - Integrity, Intensity, Innovation, and Involvement - working together to accelerate research, solve complex scientific challenges, drive technological innovation and support patients in need. #StartYourStory at Thermo Fisher Scientific, where diverse experiences, backgrounds and perspectives are valued.

Please refer the Job description for details