Security Engineer I
Resilience is ushering in an era of “Biomanufacturing-as-a-Service” that we expect will displace in-house manufacturing as well as traditional contract manufacturing and development organizations (CDMOs). We see this as a paradigm shift in biomanufacturing akin to the IT industry’s adoption of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) that rendered obsolete corporate-owned/operated data centers or corporate servers co-located in hosting facilities.
Resilience is looking for a Senior Security Engineer to support the implementation of the security vision, with supporting architectures and solutions, across the entire Resilience Digital Platform, with a focus on the intersection of industrial control systems (ICS), local computing and cloud computing. Working in cooperation with Security leadership and across the Digital business, implement this vision into control systems, and purchased and built technology. The Security Engineer will test and implement approaches for applying privacy enhancing technologies to protect Resilience and customer intellectual property.
The Security Engineer must have a broad technical knowledge of and experience with IT security, cloud computing, compliance frameworks, identity and access management, service-oriented architectures, distributed systems, networking, modern application architectures, and the like; plus, strong understanding of virtualization, storage systems, software-defined networks, Internet Protocol, high availability, and high scalability using modern techniques (scale out versus scale up).
- Support and Implement and manage security controls across the Resilience Digital Platform.
- Collaborate to help organize, design, and implement security tooling and automation.
- Work with security partners and 3rd parties, as needed.
- Utilize industry standard tools in new and creative ways to meet evolving business needs.
- Collaborate within Security Operations to help organize, design, and implement ICS security tooling and automation.
- Identify key investments to provide an appropriate level of security automation
- Work with multiple teams to implement NIST CSF, ISO/IEC 27001 and other control frameworks through the design and implementation of security controls across the Resilience Digital Platform.
- 5+ years’ experience in security or related fields
- Experience with development and automation techniques (e.g., DevOps, CI/CD pipelines)
- Experience with set up, configuration and use of SIEM, DAST, SAST, and other security tools.
- Experience securing systems spanning from end-point devices to servers, networks, and cloud computing
- Experience in the development and deployment of security products
- BS in Computer Science or related field, or equivalent work experience
- Experience leading challenging, strategically important, and risky initiatives.
- Technical knowledge of and experience with OT, IT, and IIoT security. Experience with cloud computing, compliance frameworks, identity and access management, service-oriented architectures, distributed systems, networking, modern application architectures, and the like; plus, strong understanding of virtualization, storage systems, software-defined networks, Internet Protocol, high availability, and high scalability using modern techniques (scale out versus scale up)
- Experience performing security assessments and information system audits of network, operating systems, application security, as well as auditing security processes
- Experience working in the health and life science fields, and an understanding of GxP and regulations that apply to healthcare data