Danaher Corporation Senior Cybersecurity Specialist in Bangalore, India
Help us improve access to life-changing therapies that can transform human health We are Cytiva, a global provider of technologies and services that advance and accelerate the development and manufacture of therapeutics. Formerly part of GE Healthcare, we have a rich heritage tracing back hundreds of years, and a fresh beginning since 2020.
Our customers undertake life-saving activities. These range from fundamental biological research to developing innovative vaccines, biologic drugs, and novel cell and gene therapies. Our job is to supply the tools and services - the pots, pans, soups and sauces - they need to work better, faster and safer, leading to better patient outcomes.
We are looking for a Senior Cybersecurity Specialist to work with our expert Cybersecurity team of globally distributed employees across the world. Do you have a passion for Cybersecurity? Then we would love to hear from you.
What you’ll do • As a senior technologist, you will be responsible to provide technology leadership for a team of cybersecurity engineers focused at applying Cytiva's secure-by-design and privacy controls across our product portfolio. Your responsibilities include: - To function as the technical point of contact for the cybersecurity CoE team. - To formulate mitigations/resolutions to vulnerabilities assessed, in conjunction with the product development teams, promoting best practices and secure development design patterns. - To continually reduce our threat and vulnerability response time through automation and process improvements • Own technical security assessments of products: - Lead cybersecurity assessments of our product portfolio through SAST, DAST, penetration testing, patch/vulnerability management, etc. - Review product architectures and develop security controls & solutions - Create and track meaningful metrics around product cyber risk and compensating controls - Define and implement strategy for high throughput automated patch testing • Engage in application and domain-specific threat modelling and attack surface analysis/reduction - Collaborate with product development teams to develop threat models - Identify and ensure resolution of possible security implications of every product/version release • Being the custodian of the governing processes designed to ensure traceability of cybersecurity compliance and vitality of our products - Manage all aspects of the cybersecurity central lab from resource and asset planning to ensuring optimal utilization, license compliance and maintenance. • Institutionalize cybersecurity initiatives and practices within the cybersecurity and larger product development teams, providing timely and actionable reports on adoption & efficacy - Produce evaluation reports of cybersecurity assessments and possible recommendation
Who you are • You have a Bachelor's or Master's degree in a relevant engineering discipline (Computer Engineering, Computer Science, Information Security) or equivalent. You have a minimum of 8 years full-time information security experience with minimum 2-3 years of experience in software & product development. Experience in the Biopharmaceutical industry is an advantage. Prior experience with one or more of the following practice areas is required: embedded devices, enterprise solutions, mobile application development, web/cloud hosted applications. • You are expected to have experience across a broad range of information security domains - security architecture, secure communication methods, cryptographic algorithm, key and certificate Page 2 / 2 management, security operations, fuzzing, penetration testing, SAAS/PAAS/IAAS/Cloud Security, Service Oriented Architecture, Systems Management. You will be required to demonstrate expertise across the Security Development Lifecycle processes. • You are experienced with a wide range of security tools: Microsoft Threat Modeling Tool, Fortify, Nessus, Black Duck, Nmap, Metasploit, Kali Linux, WireShark, etc. You are an experienced practitioner with OWASP, CVSS, FIPS 140-2, and DoD RMF. You have an understanding of information security risk management - exposure to risk concepts and models like FAIR, OCTAVE, etc. You have experience with the implementation and governance of cybersecurity frameworks such as NIST 800-53, ISO 27001, IEC 62443, etc. You have knowledge of application risk identification and evaluation techniques. • You have expertise across a range of operating systems and environments such as MS Windows, Linux, Embedded OS, etc. Prior experience in leading technical teams, expertise in agile is preferred. Expertise on DevSecOps is an advantage • Prior experience in leading technical teams and expertise in agile is preferred. • You mandatorily possess relevant cybersecurity certification (OSCP, OSWE, or CISSP preferred)
Who we are Whatever your role, we bring purpose and challenge into our everyday work. If you are driven to make the world a better place thanks to science and medicine, you’ll feel right at home here. If you’re flexible, curious and relentless, you’ll belong. If you are excited about a global culture, this can be the place to further your career. Want to know more? Experience life at Cytiva on our Careers website, Instagram channel and LinkedIn page! Cytiva is a 3.5 billion USD global life sciences leader with over 7000 associates across 40 countries who are dedicated to our mission to help us improve access to life-changing therapies that transform human health. As a trusted partner to customers that range in scale and scope, Cytiva brings efficiencies to research and manufacturing workflows, ensuring the development, manufacture and delivery of transformative medicines to patients. Cytiva is part of the Danaher family of companies, a global science and technology innovator committed to helping customers solve complex challenges and improving quality of life around the world.
Danaher Corporation and all Danaher Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law. The “EEO is the Law” poster is available here.