When you join us at Thermo Fisher Scientific, you'll be part of an inquisitive team that shares your passion for exploration and discovery. With revenues of more than $40 billion and the largest investment in R&D in the industry, we give our people the resources and chances to create significant contributions to the world.
**Location/Division Specific Information**
Discover Impactful Work: As a Website Protection Engineer, you will be part of a distributed team passionate about reducing security findings across the Thermo Fisher Scientific web properties landscape. This group works across Infrastructure, Security, and Product Teams to identify solutions and compensating controls that reduce risk faced by our colleagues, customers, and partners.
**A Day in the Life**:
- Review websites to ensure compliance with corporate standards.
- Participate in architecture review board meetings to discuss non-compliance issues.
- Cultivate meaningful relationships across Product, Infrastructure and Security teams to understand level of effort, existing compensating controls and necessary investment to implement critical security controls.
- Partner with teams to implement solutions to findings, reducing the risk to the company and our customers. Working with collaborators to provide vulnerability remediation guidance across web properties.
- Participates in incident response activities as necessary.
- Partner with teams in the remediation of vulnerabilities and risk across a diverse ecosystem that spans traditional, web, infrastructure, and industrial product landscapes.
**Keys to Success**:
This person will be able to identify and drive the implementation of mitigation relating to security deficiencies, including obtaining consensus from system owners across teams. This will require a creative, problem-solving approach and a can-do demeanor that is continuously learning and challenging norms.
**Education**
- A bachelor's degree in cybersecurity, computer science, engineering, or any other relevant field is preferred (equivalent combinations of education, training, and relevant work experience may be considered).
**Experience**
- 3+ years' experience in threat modeling, interpreting vulnerability disclosures, and assessing a publicly disclosed vulnerability's true risk and impact.
**Knowledge, Skills, Abilities**
- Communicate effectively with engineers, business, and executive leaders to assist in a clear understanding of requirements and how to secure various environments.
- Analyzes current offerings for business impact and exposure based on emerging security threats, vulnerabilities, and risks.
- Performing ad-hoc security tests and scans on web properties in support of confirming the validity of vulnerabilities and/or the degree of success in remediation actions.
- Identifying and reporting on security vulnerabilities, risks, and incidents.
- Recommending and implementing security patches, fixes, and enhancements.
- Developing and maintaining security policies, procedures, and documentation.
- Providing security training and awareness to the IT, development, and content teams.
- Staying current with the latest web security trends, threats, and standard methodologies.
**Benefits**:
We offer competitive remuneration, annual incentive plan bonus, healthcare, and a range of employee benefits. Thermo Fisher Scientific offers employment with an innovative, forward-thinking organization, and outstanding career and development prospects. We offer an exciting company culture that stands for integrity, intensity, involvement, and innovation!
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other legally protected status. We will gladly provide reasonable accommodations covered under the ADA.