Job Description

General Information When you’re part of the team at Thermo Fisher Scientific, you’ll do important work, like helping customers in finding cures for cancer, protecting the environment or making sure our food is safe. Your work will have real-world impact, and you’ll be supported in achieving your career goals! This role is a member of the Corporate Infrastructure & Security (CIS), Product and Software Security, Business Enablement team. Our job is to guide Thermo Fisher product development and sustainment teams in incorporating security concepts and controls in the design of new and existing consumer products and platforms. How will you make an impact? By enabling our product development teams, you will help ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer! What will you do?

• We balance multiple projects across a variety of business units, specializing in various areas of life science technology and bring a security focused perspective into their development activities.
• We work closely with key product development leaders to ensure security is incorporated in all customer-facing product offerings, through evaluation of product security related business processes, anticipating requirements, uncovering areas for improvement, and helping develop and implement solutions. Our partnerships with these business and product leaders leading to the adoption of and enabling consistent application of secure development standard methodologies across the enterprise.
• We guide these teams in applying and documenting security controls to assist in meeting various regulatory requirements.
• We assess customer facing products for security issues and identify, collect and analyze security vulnerabilities present and help the product team with remediation planning and guidance.
• We do this through education of our business partners on program, risks, and importance of security in our products.
• We also have the opportunity to coordinate, participate, and deliver threat modeling for products.
• We collaborate with other departments (e.g., Risk Management, Internal Audit, HR, Legal, etc.) to address compliance issues with appropriate existing channels for investigation and resolution.
• You will provide consultation and coordination expertise to the product teams.

• Bachelor’s Degree in Information Assurance, Information Security, Management Information Systems, Risk Management, or Computer Science. We will also consider equivalent field experience

• 2+ years of IT related work experience with a security focus, such as product security, secure software development, risk assessment, or vulnerability management

• Strong skills in analysis and evaluation of processes and methods.
• Excellent project management, interpersonal customer service and documentation skills.
• Familiarity with security controls like NIST CSF, ISO 27002
• Technical knowledge of networking and communication protocols
• Exposure to regulatory requirements to security
• Exposure to popular application security standards including OWASP ASVS and Top 10
• Ability to precisely document and track security items and outcomes with product teams