O pozici
When you’re part of the team at Thermo Fisher Scientific, you’ll do important work, like helping customers find cures for cancer, protecting the environment or making sure our food is safe. Your work will have real-world impact, and you’ll be supported in achieving your career goals!
What we do:
This role is a member of the Corporate Infrastructure & Security (CIS), Pre-Market Product Security, Strategy & Enablement team. Our job is to guide Thermo Fisher product development and sustainment teams in incorporating security concepts and controls in the design of new and existing consumer products and platforms.
Co budeš dělat
- This role serves as the strategic and operational bridge between product teams and the Pre-Market Product Security organization. The individual will help drive security strategy, prioritize and coordinate security activities, and ensure product teams receive the right security support at the right time to meet business objectives, regulatory requirements, and customer expectations.
- Partner with product teams and business leaders to align product security activities with product roadmaps, business priorities, and risk.
- Develop and deliver product security strategy and guidance for products, platforms, and portfolios across the product lifecycle.
- Coordinate and prioritize security engagements, ensuring appropriate services such as architecture reviews, threat modeling, penetration testing, etc. are executed effectively.
- Translate cybersecurity requirements, regulations, and security risks into actionable guidance, recommendations, and escalation paths for stakeholders and leadership.
- Drive operational excellence through process improvement, service optimization, playbooks, governance, metrics, and cross-functional collaboration to create a seamless stakeholder experience.
Koho hledáme
- Bachelor’s Degree in Information Assurance, Information Security, Management Information Systems, Computer Science, Engineering, or related technical field. Master’s Degree a plus. We will also consider equivalent field experience.
- 7+ years of related work experience with any of the following: security analyst, product security, secure software development, security architecture, risk assessment, vulnerability management, threat modeling, application security, or cybersecurity regulatory support.
- Experience working with product development, engineering, product management, regulatory, quality, or business teams in a technical advisory or security assessment capacity.
- Experience supporting multiple product lines, business units, or regional stakeholders in a matrixed global organization a plus.
- Relevant certifications (e.g., Security+, CISSP, SSCP, GSEC, CISM, PMP, Agile, Scrum) are preferred.
- Experience mentoring, coaching, or technically leading others is preferred.
- Familiarity with cybersecurity regulations, standards, and frameworks such as the EU Cyber Resilience Act (CRA), FDA cybersecurity guidance, NIST, OWASP, and secure-by-design principles.
- Strong understanding of product security principles, secure development practices, security architecture, threat modeling, vulnerability management, and risk assessment preferred.
Benefity
- Your work will have real-world impact, and you’ll be supported in achieving your career goals!
