Manager, Application Security
When you’re part of the team at Thermo Fisher Scientific, you’ll do important work, like helping customers find cures for cancer, protecting the environment, or making sure our food is safe. Your work will have real-world impact, and you’ll be supported in achieving your career goals.
How will you make an impact?
As a member of the Corporate Information Security Risk Management team, the Manager for Application Security is responsible for developing and managing a corporate-wide application and development security program. The role will have primary responsibility for developing and promoting the processes and procedures that will ensure the software developed by Thermo Fisher Scientific is secure and meets the highest standards for security while enabling teams to continue rapid innovation.
What will you do?
- Develop and maintain a team of application security analysts responsible for providing subject matter expertise to other internal Thermo Fisher Scientific teams
- Act as the primary point of contact for corporate and business group teams and drive adoption of secure development methods and practices throughout
- Drive standardization and integration of security testing tools such as static and dynamic analysis
- Directly manage all vendors that provide security services or tools related to application security
- Increase awareness of secure development methods by developing and executing training specifically designed for application development teams
- Support the incident response and architecture teams when application security expertise is required
- Manage the corporate penetration testing program
- Conduct penetration testing when necessary to validate results or provide additional gap analysis
- Produce metrics and reporting for all activities related to the program, including in-depth analysis results for technical teams and high-level overviews or scorecards for executive management
- Perform other duties as assigned
How will you get here?
Bachelor’s Degree in Computer Science, Information Technology, or equivalent work experience
- 5+ years’ experience in development operations or application security
- 0-2 years’ direct management experience
- Demonstrated ability to evangelize application security concepts to a wide audience and influence decision-making processes
- Familiarity with a variety of development and testing tools such as: Eclipse, GIT, JIRA, Jenkins, Maven
- Familiarity with a variety of testing tools such as Veracode (SAST/DAST) and IBM AppScan
- Ability to explain OWASP Top 10 or CWE 25 to a variety of audiences, explain the impact of these weaknesses, and propose various defensive techniques
- Strong leadership skills with the ability to manage highly technical individuals
- Excellent verbal and written skills, with experience speaking in public forums and with executive level leaders
- Excellent customer service skills
Non-Negotiable Hiring Criteria:
- Strong attention to detail, organizational skills, time management
- Excellent verbal and written communication skills
- The ability to interact professionally with a diverse group: executives, managers, and subject matter experts
At Thermo Fisher Scientific, each one of our 65,000 extraordinary minds has a unique story to tell. Join us and contribute to our singular mission—enabling our customers to make the world healthier, cleaner and safer. Apply today http://jobs.thermofisher.com
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.