We're driving toward the ultimate victory: a world without the fear of cancer.
When you join Varian, you’re joining an organization with more than 7,000 team members across more than 30 countries.
Bring your talent to a place where your work will help fight cancer. We develop and manufacture products and services that innovate, support and streamline cancer-fighting solutions worldwide. Our teams have a common drive to help others, and a passion for excellence. As a Cybersecurity Architect you will be collaborating with a talented, experienced team, providing best-in-class solutions for complex problems with the opportunity to work on cutting-edge technology platforms and tools. If you are passionate about modern system architecture and security, this could be the ideal role for you.
Responsibilities include, but are not limited to:
- Define cybersecurity requirements to integrate cybersecurity standards into product design, including Secure Coding Guidelines, OWASP, SCA and DCA processes, SW component evaluation process, Secure Service and Support Model, Post-Market Cybersecurity Management Programs; evaluate and recommend the tools and technologies used; act as process owner when appropriate
- Monitor product cybersecurity threats and vulnerabilities, perform threat analysis of software, system, and architecture to communicate our current threat landscape, and design and prioritize mitigation solutions
- Plan and coordinate comprehensive security assessments (e.g. product penetration testing), analyze and report results, design, and direct remediation; support interactions with customers or other external bodies as necessary
- Support and govern the setup, usage, update, and management of an approved repository for SW libraries, including open source SW components; govern the usage thereof, and trigger remediation as necessary (e.g. vulnerability disclosure and dependency analysis); consult and guide the use of open source components in alignment with licensing terms
- Coach stakeholders from project managers, developers, SW architects, system engineers, service and support engineers, and operations team on methods and frameworks for building, servicing, and supporting secure products and solutions
- Continuously maintain expertise and information related to product security and system architecture by participating in industry forums, conferences, and training events
- Provide hands-on technical support expertise in general SW architecture and development, system engineering, IT and networking as necessary
- BSc/MSc/PhD degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field
- Sound experience in cybersecurity control design and implementation
- Cybersecurity Certification (e.g. CISSP) is a plus
- Deep knowledge of Security / Technology Standard and Security Processes and Policies (e.g. ITIL, NIST, COBIT, ISO)
- Knowledge and understanding across a wide breadth of technology domains
- Excellent experience in hands-on development in an object-oriented language
- Practical experience in designing and developing scalable web applications is a plus
- Excellent written and oral communication skills in English; sharp analytical abilities.
You are focused, systematic and used to work independently. You have a strong sense of ownership, urgency and drive. You enjoy working in a complex domain, where you can bring in your experience and expand your knowledge every day.