What are the responsibilities and job description for the Application Security & SDLC Specialist position at QIAGEN?
At the heart of QIAGEN’s business is a vision to make improvements in life possible.
We are on an exciting mission to make a real difference in science and healthcare. We are still the entrepreneurial company we started out as and have today achieved a size where we can bring our full power to many initiatives and to our presence across the globe.
Our most valuable asset is our employees – more than 6000 in over 35 locations around the world. Our ambition is to ensure we have outstanding and passionate people working in the best teams and we are constantly looking for new talent to join us.
There are few players who have shaped the world of modern science and healthcare as much as QIAGEN, and we have only just started.
If you are looking to advance your career, are seeking new challenges and opportunities, enjoy working in dynamic and international, diverse teams and want to make a real impact on people’s lives, then QIAGEN is where you need to be.
Join us. At QIAGEN, you make a difference every day.
Position Description
We are looking for an Application Security Specialist to join us in a newly created role to support QIAGEN's application security strategy. The candidate will play a key role in identifying, designing and implementing consistent Secure Software Development Lifecycle practices for all QIAGEN technology projects.
You will be working closely with our Product Security Manager, Solution and Security Architects as well as DevOps teams to ensure a consistent and continuously improving QIAGEN secure software development lifecycle for all QIAGEN technology products, so that application security vulnerabilities are identified, detected and mitigated as early as possible. In this hands-on role, you will be a subject matter expert on application security (including but not limited to Web application development). Moreover, you are a passionate and talented application security engineer with a very deep understanding of OWASP, CWE 25, Data Protection, Access Management, Software Vulnerabilities and best software design and threat modelling practices who can work in a dynamic environment.
Duties and Responsibilities:
- Help to define consistent Secure Software Development Lifecycle practices for all QIAGEN technology projects throughout the planning and delivery cycles that assure that application security risks are mitigated to an appropriate level.
- Ensure end-to-end security of QIAGEN products by hands-on testing, hypothesizing threats, helping development teams to remediate risks upfront.
- Improve secure coding practices, application security requirements, automation, training, and metrics
- Integrate threat modeling practices into the Software Development Lifecycle
- Help build secure products and standards around emerging technologies and using existing standards and security practices
- Collaborate with product and solution teams to achieve Cybersecurity software security program objectives
- Develop and optimize processes to improve software development efficiency in the consumption of security development practices
- Maintain active understanding of industry practices for secure software development
Position Requirements
- Hands-on experience with Software Development e.g. Java / C# / C
- Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
- Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
- Well versed in application design, penetration testing, application risk assessment and risk categorization
- Well versed (experience preferred) with driving and implementing secure development practices into the SDLC (SSDLC); ability to successfully integrate security into a developer's world
- Success in implementing effective Secure SDLC frameworks across a large corporation.
- Familiar with waterfall and agile development processes and experienced in integrating secure development practices into both models.
- Familiar with code management system (e.g.: Bitbucket), CI/CD system (e.g.: Jenkins), Docker, Kubernetes, microservice architecture, OAuth 2.0, OpenID Connect.
- Deep knowledge and experience in implementing and using SAST, DAST, IAST, SCA and fuzz testing tools
- Fluent written and spoken English.
Personal Requirements
- Solid problem solving and analytical skills; able to quickly digest any issue/problem encountered and recommend an appropriate solution.
- Self-motivated; able to work independently; able to negotiate and bring consensus to diverse priorities of product development and solution teams.
- Highly effective communicator; well-honed influencing and negotiating skills.
QIAGEN requires proof of full COVID-19 vaccination as a condition of employment for new hires in all U.S. states other than Montana effective as of September 1, 2021. New hires and candidates will be required to present proof of full COVID-19 vaccination within three business days of start date or upon entry into the office (i.e., for interviews), whichever comes first. QIAGEN complies with applicable laws regarding the confidentiality of employee health information and the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs. Candidates who require accommodation should contact Benefits@QIAGEN. This policy is part of QIAGEN’s ongoing efforts to support public health efforts and to ensure the safety and well-being of its employees, customers, business partners, and community.
What we offer
At the heart of QIAGEN are our people who drive our success. We act with passion, always challenging the status quo to drive innovation and continuous improvement. We inspire with our leadership and make an impact with our actions. We create a collaborative, safe and engaging workplace which forms the basis for high performing individuals and teams. We drive accountability and entrepreneurial decision-making and want you to excel your growth and shape the future of QIAGEN.
QIAGEN is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, or disability.
Job Type: Full-time
Benefits:
- 401(k) matching
- Employee discount
- Health insurance
- Vision insurance
Schedule:
- 8 hour shift
Work Location: One location