Job Description

Company overview:TraceLink's software solutions and Opus Platform help the pharmaceutical industry digitize their supply chain and enable greater compliance, visibility, and decision making. It reduces disruption to the supply of medicines to patients who need them, anywhere in the world.Founded in 2009 with the simple mission of protecting patients, today Tracelink has 8 offices, over 800 employees and more than 1300 customers in over 60 countries around the world. Our expanding product suite continues to protect patients and now also enhances multi-enterprise collaboration through innovative new applications such as MINT.Tracelink is recognized as an industry leader by Gartner and IDC, and for having a great company culture by Comparably.As part of the Security team, this individual will lead the product security team to advance the security of TraceLink's applications and supporting infrastructure. The role is responsible for providing the vision and leadership to continually improve security maturity from Design to Production through strong partnership with the Product and Cloud Operations organizations. Additionally, this hands-on role will assist with integration, management, and development of additional tooling needed to evaluate and enforce TraceLink's security standards.Responsibilitiesxe2x97x8f Define goals and objectives related to product security, prioritize work, and allocate resources
xe2x97x8f Manage the day-to-day activities of product security team members focused on the applications, platforms, and supporting infrastructure of TraceLink's SaaS and PaaS solutions
xe2x97x8f Build, maintain, and optimize integration of security practices and tooling into the software development lifecycle
o Secure architectures and requirements
o Threat modeling
o Secure coding practices
o Manual and automated code reviews
o Analyze results from automated tools
o Security assessments / white box testing
xe2x97x8f Identify and evaluate product security risks and work with stakeholders to remediate or mitigate
xe2x97x8f Maintain product security related policies, standards, and procedures
xe2x97x8f Evaluate an implement emerging technologies that provide additional business value
xe2x97x8f Drive continual innovation, improvements, and maturity to the SDLC with new practices, toolsets, and automation
xe2x97x8f Maintain expertise in application security and new threat vectors
xe2x97x8f Coordinate third party security testing of TraceLink's solutions
xe2x97x8f Participate in investigations, triage, and remediation for security events and incidents
xe2x97x8f Support the company's certifications and attestations through day-to-day practices and championing of policies, procedures, and controls to others
xe2x97x8f Mentor other members of the Product Security team and support their ongoing developmentRequired Skills and Qualificationsxe2x97x8f Demonstrated leadership experience with initiatives/programs and teams
xe2x97x8f Excellent verbal and written communication skills to effectively and clearly engage various levels in the organization
xe2x97x8f Ability to organize, prioritize, manage, and delegate work in support of assigned objectives. Strong project management skills to ensure successful on-time delivery.
xe2x97x8f Demonstrable knowledge and experience with security concepts and tooling in the use of designing, building, and testing secure applications and systems.
xe2x97x8f Demonstrable experience developing cross-functional programs and collaborating with other disciplines to for inclusion of security into the software development lifecycle
xe2x97x8f Experience with performing threat modeling or other risk identification techniques
xe2x97x8f Experience with managing and integrating SAST, SCA, and DAST testing tools, as well as performing penetration testing
xe2x97x8f Excellent understanding of OWASP Top 10, including avoidance and remediation techniques
xe2x97x8f Excellent knowledge of secure coding practices in Java and/or JavaScript
xe2x97x8f Excellent analytical and problem-solving skillsPreferred Skills and Qualificationsxe2x97x8f Familiarity with AWS services
xe2x97x8f Knowledge of microservices architecture and supporting technologies
xe2x97x8f Passionate about learning new technologies
xe2x97x8f Experience working with Agile/Scrum development methodology
xe2x97x8f Experience automating tasks and analysis
xe2x97x8f Bachelor's degree in Computer Science, Information Systems Security, Business Administration or related field, or equivalent experience
xe2x97x8f CISSP, CCSP, CEH, CSSLP, CKS, AWS Security, OffSec, SANS Security, and other industry and vendor-specific security certificationsPlease see the for more information on how Tracelink processes your personal information during the recruitment process and, if applicable based on your location, how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data, including any requests to exercise your legal rights referred to at the end of this notice, please contact .

TraceLink