Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Cybersecurity Specialist II- Application & Cloud security at Bristol-Myers Squibb
Hyderabad, Telangana, India
Not SpecifiedCompensation
Mid-level (3 to 4 years)Experience Level
Full TimeJob Type
UnknownVisa
Pharmaceuticals, Healthcare, TechnologyIndustries
Requirements
- Bachelor’s degree in information technology or equivalent experience
- Over 4+ years of experience in cybersecurity, particularly in application and cloud security
- Proven experience in Application Security and integrating security into SDLC (SAST, DAST, and SCA)
- Strong knowledge of CI/CD pipelines, GitHub, and DevSecOps practices
- Hands-on experience with AWS, Azure, or GCP
- Proficiency in scripting languages like Python and JavaScript
- Experience using cloud security tools (e.g., CSPM like Wiz.io) to manage security in cloud environments
- Experience with cloud security management and mitigating cloud vulnerabilities in multi-cloud environments (AWS, Azure, GCP)
- Familiarity with REST APIs to integrate security tools and automate security operations
- Preferred Qualifications
- Relevant certifications such as CISSP, CCSP, or cloud provider certifications (AWS, Azure, or GCP Security)
- Strong communication skills with the ability to work collaboratively across multiple teams
Responsibilities
- Collaborate with development teams to integrate security throughout the SDLC
- Implement and manage Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) practices
- Work with CI/CD pipelines and tools such as GitHub to implement automated security practices in the development lifecycle
- Foster a DevSecOps culture by ensuring security is integrated into the development process from start to finish
- Utilize Cloud Security Posture Management (CSPM) tools like Wiz.io to assess and mitigate vulnerabilities in AWS, Azure, and GCP cloud environments
- Conduct regular security assessments to maintain compliance with industry standards
- Partner with cross-functional teams to enhance cloud security, identify vulnerabilities, and ensure the effective application of security policies
- Develop scripts (e.g., Python, JavaScript) and utilize REST APIs to automate security processes and enhance security operations across cloud environments
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What experience level is required for this Cybersecurity Specialist II role?
The role requires over 4+ years of experience in cybersecurity, specifically in application and cloud security.
What are the primary technical skills needed for this position?
Key skills include experience with SAST, DAST, SCA, CI/CD pipelines, GitHub, DevSecOps, AWS/Azure/GCP, scripting in Python and JavaScript, and CSPM tools like Wiz.io.
What is the salary or compensation for this role?
This information is not specified in the job description.
Is this position remote or does it require office work?
This information is not specified in the job description.
What does the company culture look like at Bristol Myers Squibb?
The culture emphasizes challenging, meaningful, life-changing work with high-achieving teams, opportunities for growth, and a focus on work-life balance and flexibility.
Bristol-Myers Squibb
Develops and delivers biopharmaceutical medicines
About Bristol-Myers Squibb
Bristol Myers Squibb (BMS) develops and delivers medicines aimed at treating serious diseases, focusing on areas like cancer, autoimmune diseases, and heart conditions. The company conducts extensive research and development to create new drugs, which are sold after receiving regulatory approval. BMS also produces generic drugs, offering affordable alternatives that meet the same quality standards as their branded counterparts. What sets BMS apart from competitors is its dual focus on both innovative and generic medicines, enhancing access to healthcare. The company's goal is to improve patient outcomes while maintaining a commitment to sustainability and corporate responsibility.
New York City, New YorkHeadquarters
1887Year Founded
$33,706.1MTotal Funding
IPOCompany Stage
Biotechnology, HealthcareIndustries
10,001+Employees
Benefits
Flexible Work Hours
Hybrid Work Options
Professional Development Budget
Risks
Increased competition in oncology from emerging biotech firms like ArsenalBio.
BMS's lawsuit over the 340B Drug Pricing Program may lead to regulatory challenges.
Rapid AI and digital tech evolution may pose integration challenges for BMS.
Differentiation
BMS focuses on innovative cancer treatments through collaborations like ArsenalBio for T cell therapies.
The company emphasizes digital health technologies, enhancing clinical trial management and patient engagement.
BMS offers both innovative and generic medicines, increasing affordable healthcare solutions.
Upsides
BMS's partnership with Medidata enhances clinical research processes and patient outcomes.
The collaboration with AI Proteins advances novel miniprotein-based therapeutics, expanding therapeutic modalities.
BMS's global license agreement with BioArctic expands its portfolio in neurodegenerative diseases.
Related Jobs
RemoteRemoteDevSecOps Engineer
Authentic8Salary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Security Engineer, Application Security
1PasswordSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Cloud Security Architect (R-00079)
True Zero TechnologiesSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Security Engineer, Application Security
Trail of BitsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteDevOps Engineer
Swish AnalyticsSalary not specified
- Full Time
- Senior (5 to 8 years)