Cybersecurity Trust by Design Senior Engineer
Cybersecurity Trust by Design Senior Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 126906 - 190360
1 Vacancy
Job Description
Leverage technology to impact patients and ultimately save lives!
Do you have expertise in and passion for cyber security Would you like to apply your expertise to impact product security in a company that follows the science and turns ideas into lifechanging medicines If so AstraZeneca might be the one for you!
Accountabilities:
At AstraZeneca we are dedicated to building secure resilient and credible products for our customers. Our cybersecurity team is a crucial part of this mission ensuring our systems and solutions are designed with security at their core. We are seeking a Trust by Design Cybersecurity Senior Engineer to join our team and drive the integration of trust and security into every stage of our product development lifecycle.
As a Trust by Design Cybersecurity Senior Engineer you will apply your expertise in system development software security and enterprise architecture to build and maintain security frameworks that enhance the trustworthiness of our products and services. You will collaborate with multifunctional teams to embed security throughout the development lifecycle and ensure that the best standard methodologies security architecture and threat modeling are applied consistently.
What youll do:
System Development Lifecycle (SDLC) Integration: Work with product development teams to integrate security into each phase of the SDLC ensuring security is a primary consideration from design to deployment.
Threat Modeling & Risk Analysis: Identify and assess potential security risks and vulnerabilities within the system architecture product design and enterprise systems. Lead threat modeling exercises to proactively detect risks early in the development lifecycle.
Security Architecture & Design Patterns: Develop and enforce securityfocused architecture and design patterns to improve system resilience and security across products and services. Build reusable scalable security controls that are adaptable to various development teams.
Attack Patterns & TTPs: Use a deep understanding of attack patterns techniques tactics and procedures (TTPs) to identify security gaps and build compensating and mitigating controls that bolster trust and resilience across enterprise systems and applications.
OWASP Recommended Patterns: Handson experience in implementing OWASPs recommended secure coding patterns ensuring that security standard methodologies are embedded into the software development process and aligned with industry standards.
Security Automation & Resilience: Collaborate with engineering teams to implement automated security testing and monitoring solutions that promote early detection of threats and improve system resilience.
Multifunctional Collaboration: Work closely with engineering DevOps and other collaborators to promote security standard processes and drive a securityfirst culture across the organization. Provide mentorship and support to other teams on secure coding practices vulnerability management and compliance requirements.
Incident Response & Remediation: Assist in security incident investigations and give to developing remediation strategies that prevent similar incidents in the future.
Continuous Improvement: Stay uptodate with industry trends and emerging security technologies. Share knowledge and contribute to continuous improvements in security processes tools and frameworks.
Essential Skills/Experience
Bachelors Degree
Minimum 6 years of relevant experience
Proven experience in the system development lifecycle (SDLC) software/product development or software security.
Deep understanding of security principles threat modeling and risk management.
Expertise in security frameworks security tooling and secure coding practices.
Strong experience in building and maintaining security architectures and reusable security design patterns.
Handson experience with tools and technologies for vulnerability scanning penetration testing and security automation.
Excellent problemsolving skills and the ability to think critically about security threats and mitigation strategies.
Strong communication skills with the ability to successfully communicate with technical and nontechnical collaborators.
Desirable Skills/Experience
Bachelors degree in Computer Science Cybersecurity Engineering or related field (or equivalent experience).
Deep understanding of attack patterns techniques tactics and procedures (TTPs) and experience developing compensating and mitigating controls to enhance trust and resilience in products and enterprise systems.
Extensive handson experience with OWASP recommended security patterns and standard processes.
Experience with cloud environments (AWS Azure GCP) and containerization technologies (Docker Kubernetes).
Certifications such as CISSP CISM CEH or similar.
Familiarity with regulatory frameworks (GDPR HIPAA PCI DSS) and industry standard processes.
Experience working in agile or DevOps environments.
When we put unexpected teams in the same room we unleash bold thinking with the power to inspire lifechanging medicines. Inperson working gives us the platform we need to connect work at pace and challenge perceptions. Thats why we work on average a minimum of three days per week from the office. But that doesnt mean were not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.
The annual base pay (or hourly rate of compensation) for this position ranges from $126906 to $190360. Hourly and salaried nonexempt employees will also be paid overtime pay when working qualifying overtime hours. Base pay offered may vary depending on multiple individualized factors including market location jobrelated knowledge skills and experience. In addition our positions offer a shortterm incentive bonus opportunity; eligibility to participate in our equitybased longterm incentive program (salaried roles) to receive a retirement contribution (hourly roles) and commission payment eligibility (sales roles). Benefits offered included a qualified retirement program 401(k) plan; paid vacation and holidays; paid leaves; and health benefits including medical prescription drug dental and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired employee will be in an atwill position and the Company reserves the right to modify base pay (as well as any other discretionary payment or compensation program) at any time including for reasons related to individual performance Company or individual department/team performance and market factors.
AstraZeneca is a place where technology meets science to create lifechanging medicines. We empower our teams to innovate using innovative technology platforms combined with data analytics AI machine learning and more. Our collaborative environment fosters growth through hackathons continuous learning opportunities and crossfunctional teamwork. With significant investment backing us we are driving industrywide change at an unprecedented scale.
Ready to make a difference Apply now!
Date Posted
05May2025Closing Date
19May2025Our mission is to build an inclusive and equitable environment. We want people to feel they belong at AstraZeneca and Alexion starting with our recruitment process. We welcome and consider applications from all qualified candidates regardless of characteristics. We offer reasonable adjustments/accommodations to help all candidates to perform at their best. If you have a need for any adjustments/accommodations please complete the section in the application form.Required Experience:
Senior IC
Employment Type
Full-Time
