As part of the Thermo Fisher Scientific team, you'll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every day to enable our customers to make the world healthier, cleaner, and safer. We provide our global teams with the resources needed to achieve individual career goals while helping to take science a step beyond by developing solutions for some of the world's toughest challenges, like protecting the environment, ensuring our food is safe, or helping find cures for cancer.
The Product Security team is a group of Builders, Breakers, and Fixers that specialize in collaborative security engagement. The goal of the Software Security (DevSecOps) team is to provide self-service security and to that end, the team is focused on enabling the 3 Ways of DevOps: Fast Flow, Rapid Feedback, and Continuous Learning. As the business moves through its digital transformation, the DevSecOps team is a vanguard for promoting and enabling DevOps practices across the organization. We aim to integrate and enhance current processes, remove bottlenecks, and enable safe experimentation whenever possible.
- Discover Impactful Work:
- A Day in the Life:
- As a software security engineer on the Product Security team, you will be responsible for promoting and implementing secure software development lifecycle (SDLC) practices, reviewing software security architecture and code, developing, and maintaining security tools and automation, and mentoring and training other engineers on security topics. You will also collaborate with product teams, security management, and other stakeholders to identify and drive process improvement initiatives and security metrics.- Work closely with development teams to identify and mitigate security risks in our software and systems.
- Implement and maintain security tools and processes to ensure the security of our software development lifecycle.
- Conduct security assessments and code reviews to identify vulnerabilities and ensure compliance with security standards and best practices.
- Collaborate with cross-functional teams to ensure the timely and successful delivery of secure software.
- Promote and implement Secure SDLC practices based on compliance requirements.
- Develop solutions to automate processes and workflows.
- Develop and promote automated scanning tools and practices throughout the organization.
- Identify and drive process improvement initiatives to increase our productivity and/or reduce costs.
- Develop metrics and reporting from aggregated sources to assist Software Security Management with remediation prioritization within the company.
- Contribute to the team's strategy and long-term roadmap.
- Keys to Success:
**Education**
- A bachelor's degree in Engineering or Computer Science is preferred (equivalent combinations of education, training, and relevant work experience may be considered).
**Experience**
- Basic understanding of container technologies and cloud providers such as AWS
- Familiarity with one or more of the following languages: C/C++, Java,.NET, JavaScript, Python, Bash, PowerShell, and/or Ruby.
- Familiarity with one or more development tools such as Eclipse, Visual Studio, Visual Studio Code, IntelliJ, Git, Jira, Jenkins, and/or Docker.
- Strong attention to detail.
- The ability to communicate effectively and professionally with a diverse group of people.
**Knowledge, Skills, Abilities**
- Self-motivated person with an agile attitude
- A history of involvement in general information security practice and/or the community.
- Proficient in written and verbal communication in the English language.
**Benefits**:
We offer competitive remuneration, annual incentive plan bonus, healthcare, and a range of employee benefits. Thermo Fisher Scientific offers employment with an innovative, forward-thinking organization, and outstanding career and development prospects. We offer an exciting company culture that stands for integrity, intensity, involvement, and innovation!
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other legally protected status. We will gladly provide reasonable accommodations covered under the ADA.