Senior Product Security Strategist

When you’re part of the team at Thermo Fisher Scientific, you’ll do important work, like helping customers in finding cures for cancer, protecting the environment or making sure our food is safe. Your work will have real-world impact, and you’ll be supported in achieving your career goals!

This role is a member of the Corporate Infrastructure & Security (CIS), Product and Software Security, Business Enablement team. Our job is to guide Thermo Fisher product development and sustainment teams in incorporating security concepts and controls in the design of new and existing consumer products and platforms.

Location/Division Specific Information

Remote/Carlsbad, CA

How will you make an impact?

By enabling our product development teams, you will help ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer!

What will you do?

We balance multiple projects across a variety of business units, specializing in various areas of life science technology and bring a security focused perspective into their development activities.

We work closely with key product development leaders to ensure security is incorporated in all customer-facing product offerings, through evaluation of product security related business processes, anticipating requirements, uncovering areas for improvement, and helping develop and implement solutions. Our partnerships with these business and product leaders leading to the adoption of and enabling consistent application of secure development standard methodologies across the enterprise.

We guide these teams in applying and documenting security controls to assist in meeting various regulatory requirements.

We assess customer facing products for security issues and identify, collect and analyze security vulnerabilities present and help the product team with remediation planning and guidance.

We do this through education of our business partners on program, risks, and importance of security in our products.

We also have the opportunity to coordinate, participate, and deliver threat modeling for products.

We collaborate with other departments (e.g., Risk Management, Internal Audit, HR, Legal, etc.) to address compliance issues with appropriate existing channels for investigation and resolution.

You will provide leadership, coaching and mentoring to team members on your areas of expertise.

How will you get here?

• Bachelor’s Degree in Information Assurance, Information Security, Management Information Systems, Risk Management, or Computer Science (Master’s Degree a plus). We will also consider equivalent field experience
• 6+ years of related work experience with product security, secure software development, risk assessment, or vulnerability management

Knowledge, Skills, Abilities

• Strong skills in analysis and evaluation of processes and methods.
• Excellent project management, interpersonal customer service and documentation skills.
• Familiarity with security controls, and their applications.
• Strong technical skills as they apply to networking and communication protocols
• Understanding of regulatory requirements, especially for medical devices.
• Exposure to popular application security standards including OWASP ASVS and Top 10
• Ability to explain and champion security concepts