Staff Engineer, Software( DevSecOps, Vulnerability )

Work Schedule

Environmental Conditions

Job Description

Thermo Fisher Scientific Inc. is the world leader in serving science with an annual revenue of approximately $40 billion. Our Mission is to enable our customers to make the world healthier cleaner and safer. Whether our customers are accelerating life sciences research solving complex analytical challenges increasing productivity in their laboratories improving patient health through diagnostics or the development and manufacture of life-changing therapies we are here to support them. Our global team of more than 130000 colleagues delivers an unrivalled combination of innovative technologies purchasing convenience and pharmaceutical services through our industry-leading brands including Thermo Scientific Applied Biosystems Invitrogen Fisher Scientific Unity Lab Services Patheon and PPD. For more information please visit .

How will you make an impact

The ideal candidate enjoys working in a multi-disciplinary high-tech and international environment to tackle complex technical problems. We are driving security into the software development lifecycle and helping ensure the security of our products. This role requires a strong background in software security and DevOps practices.

Key Responsibilities

In this role you will assist the lead Project Manager with project management tasks to ensure plans are completed efficiently. This includes identifying and assessing vulnerabilities and helping software teams through the remediation process.

Expect close collaboration with the division product security architect DevOps teams software teams and product owners to integrate good software and product security practices into our workflows.

Adding and improving tools in the CI/CD pipeline maintaining comprehensive security documentation and leading security training goal is to make security an integral part of our software development process.

Technical Skills

• Solid understanding of DevSecOps tools and technologies: Static Code Analysis Dependency/Software composition analysis Secrets scanning Dynamic application Security testing SBOM creation and analysis

• Vulnerability management and security risk management techniques.

• Understanding of infrastructure as code and management tools (e.g. Terraform Ansible)

• Proficiency in programming / scripting languages such as Python C or C#

• Experience with project management methodologies (PMI PMBOK Agile).

• Experience with CICD SBOM creation and analysis tools

Qualifications

• Bachelors / Masters degree in computer science or a related field.

• 8-10 years of experience in DevSecOps and strong hands-on programming skill in C.

• Strong analytical and problem-solving skills

• Excellent communication and collaboration abilities

• Ability to work independently and as part of a team

• Relevant certifications (e.g. 3 CEH SANS) are a bonus.