Thermo Fisher Scientific

CyberSecurity Architect

Pay: Competitive
Location: Kunkuri/Chhattisgarh
Employment type: Full-Time
  • Job Description

      Req#: R-01338335

      Work Schedule

      Standard (Mon-Fri)

      Environmental Conditions

      Office

      Job Description

      As part of the Thermo Fisher Scientific team, you’ll discover meaningful work that makes a positive impact on a global scale. Join our colleagues in bringing our Mission to life every single day to enable our customers to make the world healthier, cleaner and safer. We provide our global teams with the resources needed to achieve individual career goals while helping to take science a step beyond by developing solutions for some of the world’s toughest challenges, like protecting the environment, making sure our food is safe or helping find cures for cancer.

      Key Responsibilities

      Product & Platform Security Architecture

      • Define cybersecurity architecture for scientific instruments, embedded systems, and connected applications across Android, Debian, Java/C++, and Eclipse RCP platforms.

      • Design secure architectures for desktop analysis applications (Java-based, Swing, RCP, and modern web-stack front ends).

      • Architect secure cloud infrastructure and applications in AWS, aligning with AWS Well-Architected Framework and healthcare/clinical data protection requirements.

      • Establish threat models and security controls for interconnected lab ecosystems (support for lab of the future), including ingestion pipelines, assay workflows, and instrument-to-cloud communication.

      Regulatory & Standards Compliance (Dx + Global)

      • Lead cybersecurity compliance strategy for regulated diagnostic products, ensuring alignment with:
          • FDA Premarket Cybersecurity Guidance & 21 CFR 820
          • IVDR Annex I and MDCG cybersecurity expectations
          • NMPA cybersecurity and data protection requirements
          • EU Cyber Resilience Act (CRA) obligations

      • SBOM/Software Lifecycle requirements (FDA, CRA)

      • Support RUO, Clinical Laboratory, and LDT workflows with appropriate risk-based security controls.

      • Ensure alignment with global standards: ISO 14971, 13485, 27001/27002, 62304, 81001-5-1, UL 2900, and OWASP MAS/ASVS.

      Secure Software Development Lifecycle (SSDLC)

      • Define and maintain secure coding and review practices for Java, C++, Python, and front-end frameworks.

      • Lead integration of Static Application Security Testing, Software Composition Analysis, IaC scanning, container security, and SBOM generation into CI/CD pipelines.

      • Guide engineering teams on secure-by-design patterns, secret management, secure comms, and secure data flows.

      Threat Modeling, Risk Assessment & Vulnerability Management

      • Own threat modeling (STRIDE, attack trees, misuse cases) for instrument firmware, embedded OS, desktop clients, and cloud services.

      • Define vulnerability management processes across on-premise and cloud deployments.

      • Ensure secure configuration baselines for Android and Debian-based instruments.

      • Partner with product security teams to evaluate zero-day impact, develop mitigations, and coordinate disclosures where required.

      Cloud, Connectivity & Data Protection

      • Architect secure connectivity between instruments, desktop clients, and cloud systems, including TLS, mutual authentication, key rotation, and certificate management.

      • Oversee data privacy and protection controls (PII, PHI, genomic and assay-derived data) in compliance with HIPAA, GDPR, and global equivalents.

      • Ensure secure API design, identity & access management, least privilege-based role models, and zero-trust principles in AWS.

      Cross-Functional Leadership

      • Collaborate with system architects, R&D teams, product owners, CIS, and regulatory/quality teams to ensure all products meet security and regulatory expectations.

      • Provide cybersecurity requirements into PRDs, system architecture, and risk files.

      • Serve as the technical lead during regulatory submissions and audits (FDA, EU Notified Bodies, NMPA).

      • Champion security culture through training, secure design reviews, and best-practice guidance.

  • About the company

      Thermo Fisher Scientific is an American provisioner of scientific instrumentation, reagents and consumables, and software and services to healthcare, life science, and other laboratories in academia, government, and industry.
