Application Security Analyst

Together, we can beat cancer.

At Varian, a Siemens Healthineers Company, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we work passionately to develop and deliver easy-to-use, efficient oncology solutions.

We are part of an incredible community of scientists, clinicians, developers, researchers, professionals, and skilled specialists pushing the boundaries of what’s possible, to improve people’s lives around the world. We embrace a culture of inclusivity in which the power and potential of every individual can be unleashed. We spark ideas that lead to positive impact and continued success.

If you want to be part of this important mission, we want to hear from you.

As an Application Security Analyst, you will play a crucial role in safeguarding our organization's digital assets by ensuring the security of our applications throughout the development life cycle. Your responsibilities will include conducting thorough security assessments, identifying vulnerabilities, and implementing robust security measures. Collaborating with development and IT teams, you will provide guidance on secure coding practices and contribute to the design of secure architectures. Additionally, you will stay abreast of emerging threats and industry best practices to proactively enhance our application security posture. If you are passionate about protecting digital landscapes, possess a deep understanding of application security principles, and have hands-on experience with security tools and techniques, we invite you to join our dynamic team dedicated to fortifying our digital defenses.

Responsibilities

• Integration of cyber-security considerations into product design, implementation, review, update, and EOL management
• Monitor product cyber-security threats and vulnerabilities, perform planned and on-demand Cybersecurity Risk Assessment; work with the architecture and engineering teams to design and prioritize mitigating solutions
• Plan and coordinate comprehensive security assessments (e.g. Product Penetration Testing), analyze and report results, design, and direct remediation
• Configure security tools for static security code analysis and 3rd party and vulnerability analysis and review report
• Provide hands-on technical support expertise in general SW design and development, system engineering, IT and networking as necessary
• Provide quality documentation of security concepts to comply with regulations and certifications
• Follow latest trends and risks in the cybersecurity landscape and develop strategies and roadmap to continuously improve the security or our products
• Provides support for broader risk and compliance activities including security certifications (ISO27001)
• Work with geographically distributed development teams in USA, Canada, Finland, Switzerland, and India

Requirements

Nice to have :

Relevant certifications such as Security+, ISC2 CC, CSSLP are a plus.

Varian is required to comply with all local and applicable regulations that may be associated with vaccine requirements for certain roles.

Fighting cancer calls for big ideas.

We envision a world without fear of cancer. Achieving this vision takes dedication and commitment from all of us, every single day. That's why we celebrate and value the distinctly beautiful and intersectional identities of each of our employees. We are a mirror of our patient-base, which allows us to innovate. Big ideas come from everywhere, and the best ideas are fostered by our unique individual experiences. At Varian, we encourage you to bring your whole self to work and believe your bold and authentic perspective will help to power more victories over cancer.

TogetherWeFight