Thermo Fisher Scientific Senior Security Operations Engineer in Branford, Connecticut

Job Description

The Digital Science group of Thermo Fisher Science, located in Branford, Connecticut is looking for a skilled Technical Operations Engineer with a strong background in information security to join our team. The role entails the implementation and management of security measures to support continuous analysis of systems to identify and resolve security issues. You will be responsible for security analysis, defenses and countermeasures to support a secure, robust and reliable environment for applications to be deployed in. The primary responsibility of the Technical Operations team is to delivery Core’s cloud-based products and underlying informatics platform with high availability, scalability, fault-tolerance, quality and security. The team manages and maintains customer production as well as internal environments in the cloud.

Responsibilities

  • Implement, test and operate advanced security techniques in compliance with industry best practices.

  • Develop and manage an information security strategy for products and processes.

  • Design security controls with the Cloud shared responsibility model and global infrastructure.

  • Design identity/access management and governance controls.

  • Design protection of Data at Rest and in Flight, and Network Perimeter controls.

  • Implement and manage automated network security, application security, auditing and validation.

  • Counsel your colleagues on information security practices.

  • Leverage attack tools to test for vulnerabilities.

  • Gain a thorough knowledge of attack vectors that may be used to exploit software.

  • Research/identify flaws and remedy mistakes.

  • Partner with Corporate Informatics Security (CIS) teams to share ideas and implement corporate requirements.

  • Work with software and operations teams to align security practices across solutions delivered to customers.

  • Design, maintain and improve quality, performance, scalability and availability of 24X7 production and internal environments.

  • Proactively monitor services and respond to and troubleshoot issues.

  • Escalate problems (when required) to appropriate Core Informatics team members.

  • Maintain processes, tools, and documentation in support of the customer environments.

  • Identify opportunities to implement automation and carry through on implementation.

  • Plan and perform scheduled maintenance and product upgrades (during and after-hours) on rotation basis.

  • Deploy new versions of software to customer systems.

  • Work in scheduled on-call rotation.

  • Author and contribute to Infrastructure Documentation and Knowledgebase.

  • Implement information security management systems and compliance controls

  • Stay current with latest technical and security breakthroughs and vulnerabilities and industry best practices.

Qualifications

Required

  • Bachelors in Computer Science, Electrical Engineering, Computer Engineering or a related field, or 4 years of equivalent experience

  • Minimum of 4 years’ proven work experience as a security engineer in all aspects of security research and development.

  • Minimum of 4 years’ administration experience and in-depth knowledge of operation systems and networking (processes, logs, sockets, shell, TCP/IP, DNS, LDAP, firewalls, load balancers, SSL, VPN, OSI layers).

  • Working knowledge of all vulnerability classes on the OWASP Periodic Table of Vulnerabilities.

  • Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation.

  • Experience with Penetration testing, IDS/IPS, OWASP, SANS Top 25 and CWE

  • Strong experience in developing and executing vulnerability assessments (static and dynamic).

  • Knowledge of Web Application Firewalls (WAF), IDS/IPS, Penetration Testing and Scanning tools and technologies

  • Experience working with third party service providers to support security assessment and testing.

  • Experience working with Corporate Informatics Security (CIS) security organization.

  • Experience running medium to large scale multi-tier distributed systems with Linux/Unix, Windows OS, VMWare, Apache Tomcat and Java

  • Experience with Oracle: configuration, troubleshooting, and management.

  • Strong scripting experience including shell scripting (Linux, Windows), Python, Perl, PHO, C/C++ Knowledge of agile software development and release management processes

  • Ability to effectively prioritize and execute tasks in high-pressure environment

  • Exceptional customer service orientation

  • Systematic approach to problem solving and strong sense of ownership

  • Excellent written and verbal communication skills

Preferred

  • Experience with Amazon Web Services (AWS) highly desirable.

  • Experience with cloud based architectures.

  • Experience with compliance and regulatory programs Service Organization Controls (SOC), HIPAA, NIST, FISMA.

  • Experience with service containerization and distributed architectures (e.g., Docker, Kubernetes, Mesos) .

  • Experience with Alert Logic.

  • Experience with Continuous Integration (CI) and Continuous Delivery (CD.) Tools: Jenkins, GIT, Chef

  • Informatics experience with LIMS and other related software packages is high desirable

  • Open to working flexible hours.

  • Relevant security certifications or related knowledge/experience a plus: e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), others

If you are an individual with a disability who requires reasonable accommodation to complete any part of our application process, click here at https://jobs.thermofisher.com/page/show/eeo-affirmative-action-statement#accessibility for further assistance.

Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.