Senior Security Software Engineer

Parexel International Corporation

Multiple Locations

The Security Software Engineer is responsible for injecting good security practices into the lifecycle of software development at AI labs. This includes advising on overall security posture, leading by example and making pull requests into the core software, performing hands-on re-architecting of the cloud-based infrastructure, advising on endpoint security, handling SOC2 and other compliance regimes, and handling security issues and incidents. You will collaborate closely with AI Labs engineering, ML research, infrastructure, and Parexel information security teams in your role. This is a broad and variable role for someone who loves a combination of hands-on engineering, security architecture, and security policy.

Responsibilities include:

Serve as hands-on infosec expert on engineering team Develop and maintain application security / architecture through direct contributions to the code baseWorking with team leadership, foster and champion culture of secure developmentCollaborate with engineers to teach secure coding practices

Own security aspects of infrastructure Maintain, monitor, troubleshoot, and analyze AI Labs security infrastructureCollaborate with IT/cloud infrastructure team to ensure good data and infrastructure security practicesIdentify security risks and develop mitigation plansCollaborate with IT/cloud infrastructure teams to run exercises and war games to ensure preparedness and resilience of core systemsCollaborate with IT team on endpoint security systems

Vulnerability Remediation Keep up with and remediate vulnerabilities, patches, and updates, especially from ones identified from Parexel central Information Security team.Manage, oversee, and synthesize vulnerability and penetration testing

Enforce Security Processes Lead appropriate security change management practicesWork with team leadership to enforce proper security processes

Compliance and Audits Maintain compliance with, and interpret security policies to meet all compliance, including GxP, SOC2, 21 CFR Part 11, Annex 11, and HIPAAParticipate in security audits, risk analyses, and security reviews

Skills Required:Ability to write production-level code in a modern language (e.g. Python, Java, Go, Haskell, etc)Ability to execute multiple tasks efficiently and effectivelyAbility to prioritize independently within the security domainDemonstrated flexibility, organization, and self-motivationDeep curiosity and ability to learn technical and non-technical topics quicklyExcellent written and verbal communication skills

Knowledge and Experience Required:5+ years as a security engineer or architectExperience with network design and securityExperience in deploying security solutions to AWSExperience with one or more of HIPAA/HITRUST, SSAE-16(SOC 1/2), PCIFamiliarity with enterprise-level vulnerability/penetration test solutionsExperience with enterprise-level SIEM solutionsExperience with anti-virus and endpoint protection solutionsAWS Certification, or equivalent experience preferredCISSP certification, or equivalent experience preferred

Education:High School diploma required.

Employment is contingent on disclosure of your COVID-19 vaccination status and, if relevant, proof of vaccination.



2022-12-01 00:05:15

Apply to this job