Product Security Strategist
4 weeks ago
Work Schedule
OtherEnvironmental Conditions
OfficeJob Description
When you're part of the team at Thermo Fisher Scientific, you'll do important work, like helping customers in finding cures for cancer, protecting the environment or making sure our food is safe. Your work will have real-world impact, and you'll be supported in achieving your career goals.
This role is a member of the Corporate Infrastructure & Security (CIS), Product and Software Security, Business Enablement team and evaluates and guides Thermo Fisher product development teams on the incorporation of security concepts and controls in the design of new and existing consumer products and platforms.
How will you make an impact?
By enabling our product development and sustainment teams, you will help ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer.
The Role
The Product Security Strategist shares the responsibility for security associated with the company's Product Security program. They will work with all parts of the program, including research, testing and validation of a product platforms, education, and integration of solutions with the overarching CIS program.
- Work closely with key Senior Strategists and product development leaders to ensure security is incorporated in all customer-facing product offerings.
- Support efforts to instill security into all levels of the development process.
- Evaluate business processes around product security and anticipate requirements, uncover areas for improvement, and help develop and implement solutions leading to the integration of security within the product lifecycle.
- Review existing processes to ensure consistent application of secure development lifecycle practices.
- Build working relationships with product development team members, to maintain and improve product and application security processes.
- Maintain product portfolios for relevant lines of business.
- Contribute to maturing process, policy, and standards.
- Work with members across business units to help prioritize remediation of security vulnerabilities discovered during the security assessment process.
- Coordinate and participate in delivering threat modeling for products.
- Proactively ensure that applicable regulatory mandates are addressed with mitigating or compensating controls.
- Coordinate/participate in and perform design reviews, peer reviews, and code reviews.
- Ensure excellent consistency, documentation, and process across all programs.
- Collaborate with other departments (e.g., Risk Management, Internal Audit, HR, Legal, etc.) ensuring that compliance issues are routed to the appropriate teams for investigation and resolution.
- Travel up to 10%.
How will you get here?
- Bachelor's Degree in Information Assurance, Information Security, Management Information Systems, Risk Management, or Computer Science (Master's Degree a plus) / equivalent field experience.
- 5+ years of related work experience with information or product security, secure software development, risk assessment, or vulnerability management
Knowledge, Skills, Abilities
- Understanding of device research methods, variables and parameters including analysis, testing and documentation
- Knowledge of security controls and standards, including OWASP Top 10, CIS 20, NIST, ISO, IEC and their application for medical devices
- Understanding of how to connect new and changing threats to IoT landscape
- Understanding of security protocols and concepts and the ability to translate to a product specific context
- Strong customer service background, with outstanding verbal and written communication skills required
- Strong interpersonal skills with a proven track record of explaining security concepts
- Strong attention to detail, organizational skills supporting project management
- Consistent record of positive, professional interactions with diverse audiences, including executives, managers, and domain experts
- Relevant technical certifications a plus
At Thermo Fisher Scientific, each one of our 70,000 extraordinary minds has a unique story to tell. Join us and contribute to our singular mission—enabling our customers to make the world healthier, cleaner and safer.
Apply today
Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
-
Product Security Strategist
2 weeks ago
Shanghai, Shanghai, China Thermo Fisher Scientific Full timeBy enabling our product development and sustainment teams, you will help ensure that Thermo Fisher products are developed and tested against security standards, further helping our customers to make the world healthier, cleaner and safer. The Role The shares the responsibility for security associated with the company's Product Security program. They...
-
Strategist
2 weeks ago
Shanghai, Shanghai, China Media Full timeRole Media.Monks is looking for a Strategist to join our team in Shanghai. This strategist will work with our existing and prospective clients in creating ground-breaking strategies, and help businesses define the strategic direction they should take in the digital space. Responsibilities Build trust: Become a trusted consultant for our teams and...
-
Product Security Architect
2 weeks ago
Shanghai, Shanghai, China Thermo Fisher Scientific Full timeJob Description: Evaluate and offer technical security architecture advice on the design and implementation of products Provide technical expertise on security topics such as Cloud, e-Commerce, IoT, Endpoint, Network, and Servers Maintain and enhance a comprehensive cybersecurity reference architecture Support the creation of reusable technologies and...
-
Cyber Security Product Manager
2 weeks ago
Shanghai, Shanghai, China Bureau Veritas Group Full timeResponsibilities: In charge of overseeing the entire Industrial Cyber Security service development process and responsible for yearly service revenue Ensure BV China Operations' compliance with product accreditation and related regulations, and contribute to international accreditations management Aid in crafting the marketing and sales strategy for...
-
Shanghai, Shanghai, China Philips Full timeJob TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and RA...
-
Product Security Professional – Greater China Market
2 months ago
Shanghai, Shanghai, China Philips Full timeJob TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and RA...
-
Shanghai, Shanghai, China Stryker Full timeWhy join Stryker?We are proud to be named one the World's Best Workplaces and a Best Workplace for Diversity by Fortune Magazine Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards –...
-
Software Security Engineer
5 days ago
Shanghai, Shanghai, China Thermo Fisher Scientific Full timeJob DescriptionWhat we doThe Product Security team is a group of Builders, Breakers, and Fixers that specialize in collaborative security engagement. The goal of the Software Security (DevSecOps) team is to provide self-service security and to that end, the team is focused on enabling the 3 Ways of DevOps: Fast Flow, Rapid Feedback, and Continuous Learning....
-
Information Security Lead China
2 weeks ago
Shanghai, Shanghai, China Smith+Nephew Full timeSmith + Nephew is seeking an experienced Information Security professional to take on a role as primary Security Lead for China operations. The successful candidate will provide in-country support and guidance to the local IT and Business teams, applying Global Information Security Strategy and Governance, and manage compliance with China Cybersecurity Law...
-
Senior Security Engineer
2 weeks ago
Shanghai, Shanghai, China Riot Games Full timeResponsibilities: Manage and maintain the measurement to monitor and report on the control effectiveness in all information security area in China Ensure the local security governance fulfillment, e.g. MLPS Conduct security risk management tasks and collaborate with teams of different functions to encourage the security concept across the business...
-
Senior Container Security Engineer
2 weeks ago
Shanghai, Shanghai, China SAP Full timeWe help the world run better At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and...
-
Senior Container Security Engineer
2 weeks ago
Shanghai, Shanghai, China SAP Full timeWe empower individuals to unleash their full potentialJoining SAP means embracing a culture of teamwork and mutual dedication to improving global operations. Integrating advanced technologies, we strive daily to lay the groundwork for a better future while fostering diversity, flexibility, and purpose-driven work environments. Our collaborative and...
-
Cyber Security
2 months ago
Shanghai, Shanghai, China Cognizant Technology Solutions Full timeApp Security SpecialistQualification:BE graduate MCA graduate.Responsibility:Requirements Gathering: 'Understand functional and non functional application security requirements. Raise queries and seek clarification.Design & Analysis: 'Develop proof of concept. Understand dependency between applications/components vs design specification and raise...
-
In-vehicle Cyber Security Engineer
2 weeks ago
Shanghai, Shanghai, China Ford Motor Company Full timeFocus on Mobile App and Browser-based products' cybersecurity and act as cybersecurity SME Co-lead Vehicle/API Security Operations Center system design, development, deployment, and operations Provide cybersecurity technical services including but not limited to developing cybersecurity specifications, performing threat and risk assessment, performing...
-
Support Escalation Engineer-Security
2 weeks ago
Shanghai, Shanghai, China Microsoft Full timeOverview With over 18,000 employees worldwide, the Microsoft Customer Experience & Success (CE&S) organization is responsible for the strategy, design, and implementation of Microsoft's end-to-end customer experience. Come join CE&S and help us build a future where customers come to us not only because we provide industry-leading products and services,...
-
Consultant Cyber Security
2 weeks ago
Shanghai, Shanghai, China MHP - A Porsche Company Full timeTasksTasks Are you interested in the topics relating to cyber security in auto industry? Are you interested in working in China? Then become part of our team and shape the successful digital future of our customers together with us. Will be responsible for consulting project of SUMS (Software Update Management System) and CSMS (Cyber Security Management...
-
Securities Private Banking Manager
2 months ago
Shanghai, Shanghai, China Selby Jennings Full timeJob responsibilities:Develop and implement a business plan for the private wealth team based on the overall development strategy of the company and department;Responsible for the business operations of the private wealth team, leading the team to achieve the operational targets set by the company;Lead the team to expand business, develop channels, improve...
-
Regional Technical Security Risk Manager – GCA
2 weeks ago
Shanghai, Shanghai, China 3M Full timeJob Description:The Impact You'll Make in this RoleAs the Regional Technical Security Risk Manager, you will have the opportunity to tap into your curiosity and collaborate with innovative and diverse individuals from around the globe. Here, you will make an impact by:Act as a point of contact with the global technical security risk team.Offer security...
-
Shanghai, Shanghai, China Marriott International Full timeJOB DESCRIPTIONLead and oversee the security architecture and engineering team for the Greater China region. Certification of Security Control attestations and assessment of control implementation to grant Approval for new infrastructure, services, applications, and processes in Marriott's Production Environments. Utilize Security Engagement processes,...
-
Manager Group Strategy
4 weeks ago
Shanghai, Shanghai, China Philips Full timeJob TitleManager Group StrategyJob DescriptionAre you a highly talented strategist, currently working for a top-tier strategy consulting firm, who can support the Philips Executive Committee to make decisions?In this role you have the opportunity toInfluence strategy and growth in a leading Health Technology company. As a Manager in the Strategy team, you...