• Website Protection Architect

    Thermo Fisher Scientific, Frederick, MD 21705

    Job #2683121013

  • Job Description

    When you join us at Thermo Fisher Scientific, you'll be part of an inquisitive team that shares your passion for exploration and discovery. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create significant contributions to the world.

    Location/Division Specific Information

    Discover Impactful Work: As a Website Application Architect, you will be part of a distributed team passionate about reducing security findings across the Thermo Fisher Scientific web properties landscape. This group works across Infrastructure, Security and Product Teams to identify solutions and compensating controls that reduce risk faced by our colleagues, customers and partners.

    A day in the Life:

    • Review websites to ensure compliance with corporate standards

    • Participate in architecture review board meetings to discuss non-compliance issues

    • Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks

    • Perform security architecture design reviews of our web application products (primarily cloud)

    • Provide remediation guidance and recommendations to developers and administrators

    • Work with Product Development teams to help prioritize and validate criticality of mitigation of identified product vulnerabilities and security feature enhancement requests

    • Participate in incident response activities as necessary

    • Partner with teams in the remediation of vulnerabilities and risk across a diverse ecosystem that spans traditional, web, infrastructure, and industrial product landscapes

    Keys to Success:

    This person will be able to identify and drive implementation of secure configurations relating to security deficiencies, including obtaining consensus from system owners across teams. This will require a creative, problem-solving approach and can-do demeanor that is continuously learning and challenging norms.

    Education

    • Bachelor's Degree in cybersecurity, computer science, engineering or other relevant field. Equivalent work experience also accepted.

    Experience

    • Experience as an Application/Product Security Engineer, Architect or Developer

    • Experience in developing remediation and solutions for product or infrastructure vulnerabilities

    • A background integrating security testing into the SDLC (preferably the SCRUM framework)

    • Previous work as a technical security architect or related security role in a company where there is a commitment to information security and technology

    • Demonstrated experience using DAST and SAST tools and services

    • Experience providing security information to developers

    • Certifications such as GWEB, CASE, CSSLP, C|EH, or C|PENT preferred

    Knowledge, Skills, Abilities

    • Solid foundation in web application fundamentals and the core security concepts involved in securing and/or hardening web applications, including but not limited to HTTP, TLS, DNS, domains, CDN, WAF, OSI layers, OWASP, CWE, Git, Jenkins, GitHub and TCP vs UDP concepts.

    • Communicate effectively with engineers, business and executive leaders to assist in clear understanding of requirements and how to secure a variety of environments.

    • Analyze current offerings for business impact and exposure, based on emerging security threats, vulnerabilities and risks.

    • Knowledge or experience with web application compliance standards or regulatory frameworks.

    • Performing ad-hoc security tests and scans on web properties in support of confirming the validity of vulnerabilities and/or the degree of success in remediation actions.

    • Identifying and reporting on security vulnerabilities, risks, and incidents.

    • Recommending and implementing security patches, fixes, and enhancements.

    • Developing and maintaining security policies, procedures, and documentation.

    • Providing security training and awareness to the IT, development, and content teams.

    • Staying up to date with the latest web security trends, threats, and standard methodologies.

    • Experience breaking down complex systems and applications to find flaws

    • Proficiency in reading, writing, and auditing .NET, C#, Python, Java, and/or JavaScript-based frameworks and the ability to pick up new languages/technologies

    • Strong familiarity with common vulnerabilities and attack vectors

    • Knowledge of web service technologies, load balancer services (e.g. Nginx, Cloudflare, F5, etc.) and RESTful APIs

    • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL/TLS, etc.) and common authentication protocols (OpenID Connect, OAuth, SAML, RADIUS, LDAP, Kerberos, etc.)

    • Experience performing code analysis of large applications, manually and using SAST and DAST scanning solutions as well as conducting manual vulnerability analysis

    • Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments

    • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management

    • Excellent written and verbal communication skills, interpersonal and collaborative skills

    • Must be a critical thinker, with strong problem-solving skills

    • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity

    • Self-starter, positive attitude, ability to work independently, enjoys learning and staying ahead of industry developments, regulations and standard methodologies.

    Our Mission is to enable our customers to make the world healthier, cleaner and safer. Watch as our colleagues explain 5 reasons to work with us. As one team of 100,000+ colleagues, we share a common set of values - Integrity, Intensity, Innovation, and Involvement - working together to accelerate research, solve complex scientific challenges, drive technological innovation and support patients in need. #StartYourStory at Thermo Fisher Scientific, where diverse experiences, backgrounds and perspectives are valued.

    Apply today!

    Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.

    We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

    Accessibility/Disability Access

    Job Seekers with a Disability: Thermo Fisher Scientific offers accessibility service for job seekers requiring accommodations in the job application process. For example, this may include individuals requiring assistance because of hearing, vision, mobility, or cognitive impairments. If you are a job seeker with a disability, or assisting a person with a disability, and require accessibility assistance or an accommodation to apply for one of our jobs, please submit a request by telephone at ~~~*. Please include your contact information and specific details about your required accommodation to support you during the job application process.

    • This telephone line is reserved solely for job seekers with disabilities requiring accessibility assistance or an accommodation in the job application process. Messages left for other purposes, such as not being able to get into the career website, following up on an application, or other non-disability related technical issues will not receive a response.
