CyberSecurity Architect

Bengaluru - India

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Office

Job Description

As part of the Thermo Fisher Scientific team youll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every single day to enable our customers to make the world healthier cleaner and safer. We provide our global teams with the resources needed to achieve individual career goals while helping to take science a step beyond by developing solutions for some of the worlds toughest challenges like protecting the environment making sure our food is safe or helping find cures for cancer.

Key Responsibilities

Product & Platform Security Architecture

Define cybersecurity architecture for scientific instruments embedded systems and connected applications across Android Debian Java/C and Eclipse RCP platforms.
Design secure architectures for desktop analysis applications (Java-based Swing RCP and modern web-stack front ends).
Architect secure cloud infrastructure andapplicationsin AWS aligning with AWS Well-Architected Framework and healthcare/clinical data protection requirements.
Establish threat models and security controls for interconnected lab ecosystems(support for lab of the future) including ingestion pipelines assay workflows and instrument-to-cloud communication.

Regulatory & Standards Compliance (Dx Global)

Lead cybersecurity compliance strategy for regulated diagnostic products ensuring alignment with:
FDA Premarket Cybersecurity Guidance & 21 CFR 820

IVDR Annex I and MDCG cybersecurity expectations
NMPA cybersecurity and data protection requirements
EU Cyber Resilience Act (CRA) obligations
SBOM/Software Lifecycle requirements (FDA CRA)
Support RUO Clinical Laboratory and LDT workflows withappropriate risk-basedsecurity controls.
Ensure alignment with global standards: ISO 27001/UL 2900 and OWASP MAS/ASVS.

Secure Software Development Lifecycle (SSDLC)

Define andmaintainsecure coding and review practices for Java C Python and front-end frameworks.
Lead integration of StaticApplicationSecurityTesting SoftwareCompositionAnalysisIaCscanning container security and SBOM generation into CI/CD pipelines.
Guide engineering teams on secure-by-design patterns secret management secure comms and secure data flows.

Threat Modeling Risk Assessment & Vulnerability Management

Own threat modeling (STRIDE attack trees misuse cases) for instrument firmware embedded OS desktop clients and cloud services.
Define vulnerability management processes acrosson-premiseand cloud deployments.
Ensure secure configuration baselines for Android and Debian-based instruments.
Partner with product security teams to evaluate zero-day impact develop mitigations and coordinate disclosures where.

Cloud Connectivity & Data Protection

Architect secure connectivity between instruments desktop clients and cloud systems including TLS mutual authentication key rotation and certificate management.
Oversee data privacy and protection controls (PII PHI genomic and assay-derived data) in compliance with HIPAA GDPR and global equivalents.
Ensure secure API design identity & access management least privilege-based role models and zero-trust principles in AWS.

Cross-Functional Leadership

Collaborate with system architects R&D teams product ownersCISand regulatory/quality teams to ensure all products meet security and regulatory expectations.
Provide cybersecurity requirements into PRDs system architecture and risk files.
Serve as the technical lead during regulatory submissions and audits (FDA EU Notified Bodies NMPA).
Champion security culture through training secure design reviews andbest-practiceguidance.

Required Experience:

Staff IC

Work ScheduleStandard (Mon-Fri)Environmental ConditionsOfficeJob DescriptionAs part of the Thermo Fisher Scientific team youll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every single day to enable our customers to make...

Work Schedule

Standard (Mon-Fri)

Environmental Conditions

Office

Job Description

Key Responsibilities

Product & Platform Security Architecture

Define cybersecurity architecture for scientific instruments embedded systems and connected applications across Android Debian Java/C and Eclipse RCP platforms.
Design secure architectures for desktop analysis applications (Java-based Swing RCP and modern web-stack front ends).
Architect secure cloud infrastructure andapplicationsin AWS aligning with AWS Well-Architected Framework and healthcare/clinical data protection requirements.
Establish threat models and security controls for interconnected lab ecosystems(support for lab of the future) including ingestion pipelines assay workflows and instrument-to-cloud communication.

Regulatory & Standards Compliance (Dx Global)

Lead cybersecurity compliance strategy for regulated diagnostic products ensuring alignment with:
FDA Premarket Cybersecurity Guidance & 21 CFR 820

IVDR Annex I and MDCG cybersecurity expectations
NMPA cybersecurity and data protection requirements
EU Cyber Resilience Act (CRA) obligations
SBOM/Software Lifecycle requirements (FDA CRA)
Support RUO Clinical Laboratory and LDT workflows withappropriate risk-basedsecurity controls.
Ensure alignment with global standards: ISO 27001/UL 2900 and OWASP MAS/ASVS.

Secure Software Development Lifecycle (SSDLC)

Define andmaintainsecure coding and review practices for Java C Python and front-end frameworks.
Lead integration of StaticApplicationSecurityTesting SoftwareCompositionAnalysisIaCscanning container security and SBOM generation into CI/CD pipelines.
Guide engineering teams on secure-by-design patterns secret management secure comms and secure data flows.

Threat Modeling Risk Assessment & Vulnerability Management

Own threat modeling (STRIDE attack trees misuse cases) for instrument firmware embedded OS desktop clients and cloud services.
Define vulnerability management processes acrosson-premiseand cloud deployments.
Ensure secure configuration baselines for Android and Debian-based instruments.
Partner with product security teams to evaluate zero-day impact develop mitigations and coordinate disclosures where.

Cloud Connectivity & Data Protection

Architect secure connectivity between instruments desktop clients and cloud systems including TLS mutual authentication key rotation and certificate management.
Oversee data privacy and protection controls (PII PHI genomic and assay-derived data) in compliance with HIPAA GDPR and global equivalents.
Ensure secure API design identity & access management least privilege-based role models and zero-trust principles in AWS.

Cross-Functional Leadership

Collaborate with system architects R&D teams product ownersCISand regulatory/quality teams to ensure all products meet security and regulatory expectations.
Provide cybersecurity requirements into PRDs system architecture and risk files.
Serve as the technical lead during regulatory submissions and audits (FDA EU Notified Bodies NMPA).
Champion security culture through training secure design reviews andbest-practiceguidance.

Required Experience:

Staff IC

Key Skills

APIs
Pegasystems
Spring
SOAP
.NET
Hybris
Solution Architecture
Service-Oriented Architecture
Adobe Experience Manager
J2EE
Java
Oracle

Apply Now

About Company

Thermo Fisher Scientific

Electron microscopes reveal hidden wonders that are smaller than the human eye can see. They fire electrons and create images, magnifying micrometer and nanometer structures by up to ten million times, providing a spectacular level of detail, even allowing researchers to view single a ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click