Head of Security Architecture and Engineering (Remote)
Boston, Massachusetts | Albany, New York | Austin, Texas | Denver, Colorado | Hartford, Connecticut | Olympia, Washington | Canada | Sacramento, California | Washington, DC | Remote
Location: Boston, Massachusetts, US
Job ID: REQ-050341
Responsibilities
Technical security leader across all aspects of cloud security transformation for a 5500-person global organization operating within 40 countries.
- Architect a net new cloud security technology stack utilizing best of breed and cloud native security technologies across 35+ required security areas.
- Build a security engineering and architecture team that will enable the protection of Perkin Elmer’s business across corporate and product security within cloud, multi-cloud, hybrid-cloud and collocated architectures.
- Partner with MSSPs to enable a timely and secure exit from transition services agreements (TSAs) including the design and implementation of the net new cloud security technology stack.
- Partner closely with other team members within the CISO function within the areas of risk, compliance, governance and security incident response and threat intel, to ensure alignment with the cross-team requirements.
- Collaborate with business stakeholders across Perkin Elmer including, but not limited to, R&D, Quality Management, and Operations.
- Identity and Access Management:
- Identity governance (IGA)
- Privileged access management (PAM)
- Single sign-on (SSO) & MFA
- Secrets management
- Vulnerability Management:
- ‘Shift Left’ mentality to reduce vulnerabilities.
- Expertise in protecting against OWASP Top 10
- Hardening w/ CIS benchmarks
- Respond to 0-day vulnerabilities with the security incident response and threat team.
- Ability to detect vulnerabilities and partner with devops on timely remediation based on SLAs.
- Support third party penetration testing
- Endpoint Security:
- Endpoint detection and response (EDR) across laptop and cloud infrastructure
- Collaborate with IT on mobile device management (MDM), including critical security controls: admin access management, encryption, patching, and remote wipe.
- Email & Ransomware Protections:
- Focus on ensuring Perkin Elmer is protected from email-based and ransomware attacks.
- Architect and implement security strategies, configurations, and technology to protect against ransomware.
- Partner closely with incident response and threat intel team on emerging ransomware and phishing threats and implement mitigations in response to those threats as needed.
- Zero Trust Architectures:
- Determine zero trust architectures across various layers of the technology stack: network, data, and applications.
- Support rollout of zero trust network architecture across cloud, multi-cloud, hybrid-cloud, and on-prem footprints
- Container Security & CICD:
- Cloud workload protection (CWPP)
- Partner with R&D and Product to determine CICD models that balance innovation and security.
- Collaborate with CTO organization regarding cloud infrastructure container design and implementation.
- Consider cloud, hybrid-cloud, multi-cloud, and on-prem technologies in the design and implementation of security technology stack, and staffing models.
- Security log ingestion architecture into SIEM, SOAR, UEBA
- Configuration, hardening and security management across platforms.
- Provide support for security related requests for third-party audits.
- Provide quarterly metrics to the CISO on security posture of Perkin Elmer, for the CEO and BOD
- Support security investigations and responding to information security incidents.
- Manage security vendors, budget, and contract renewals in partnering with procurement and finance.
- Lead the development, maintenance and review of information security policies and procedures.
- Work cross-functionally with a quality management team in support of pharmaceutical and regulatory security requirements.
- Mentor and coach junior team members
- Support information security awareness activities
Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities of this job at any time.
- Bachelor’s degree in Computer Science, Information Systems, or related field
- 10+ years of experience in security architecture and engineering
- Experience in leading security efforts for a cloud transformation for a medium to large enterprise organization
- Experience with cloud, multi-cloud, hybrid-cloud, and on-prem technology architectures
- AWS and Azure Cloud IaaS expertise
- Technical expertise in implementing/configuring and running at least 10 of the following 20 security technology areas: SSO, IGA, PAM, MFA, CWPP, MDM, IDP/IPS, AWS Security Groups/IP Tables, DNSSEC, 0 Trust, SIEM, SOAR, UEBA, WAF, MDR, DLP, CSPM, Vulnerability Scans, Key Management, Secrets Management
- Ability to script in languages such as Python, shell, Ruby, Perl
- English language proficiency
- CISSP, CISM or similar certifications preferred.
- Position is fully remote, with preference given to candidates in North America, Europe, and Boston, Massachusetts and surrounding areas.
- Potential Travel 10%
- Strong written and verbal communication skills and presentation skills.
- Leadership, teamwork and client service skills.
- Comfortable at the command line, but not required for job function.
- Organized, detail-oriented, trustworthy, willing to speak up, proactive, persuasive.
- Demonstrated integrity within a professional environment.
Technology Expertise Preferred
- Amazon Web Services (AWS) and Microsoft Azure (AZURE)
- Operating Systems: Windows & Linux
- Zero Trust: Zscaler, Palo Alto
- IDP, SSO, MFA – Microsoft, Okta
- IGA – SailPoint, Saviynt
- PAM – Beyond Trust, Saviynt, CyberArk
- MDM – Intune, JAMF, Workspace One
- EDR – SentinelOne, Crowdstrike, Microsoft Defender
- MDR - SentinelOne, Crowdstrike, Microsoft Defender, Expel, Reliaquest
- SIEM – Splunk, Exabeam, LogRhythm
- Log Management – ELK, Data lake as a Service
- Containers – Kubernetes, Docker
- Vulnerability Management – Nessus, Qualys, Veracode, Orca, Synack
- Secrets Management – Hashicorp, CyberArk, BeyondTrust, Bitwarden
- Atlassian Suite - JIRA & Confluence
- Operational Technology (OT) security experience at a global manufacturing company
- Master’s degree
- Experience preferred in applying relevant technical knowledge in at least four of the following audits/regulations: SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 27701, FISMA, FedRAMP, SOX 404, HITRUST CSF, HIPAA, ISO 9001, GxP, 21 CFR Part 11, GAMP 5, EU Annex 11
- Corporate IT / help desk experience
- Must be able to remain in a stationary position more than 25% of the time
- Specific vision abilities required by this position include without limitation, the ability to observe details at close range (within a few feet of the instrument), distance vision, color vision, peripheral vision, depth perception, and ability to adjust focus in order to perform the essential service functions of this position.
- Occasionally operates a computer and other office machinery, such as a calculator, copy machine, and computer printer.
About Working At Perkin Elmer
Backed by an 80-year history rich in innovation, PerkinElmer is a long-time leader and pioneer in the scientific community. We hire talented, committed and driven people and strive to create a work environment that brings out the entrepreneur in all of us. Perkin Elmer has over 5500 employees across 40+ countries.
Benefit packages include: Medical, Dental and Vision; Health Savings Accounts, Flexible Spending Accounts, Health and Wellness Programs and Incentives; Employer Matching 401(k); Tuition Reimbursement; Professional Development; Maternity and Paternity Leave; Paid Holidays and Personal Time Off; Life and Disability Insurance; and Work/Life Balance.
PerkinElmer is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, or veteran status or any other characteristics protected by applicable law. PerkinElmer is committed to a culturally diverse workforce.
"PerkinElmer is committed to making the world a better place, from helping improve the environment to the health of people around the world. It is a company with strong values."
"Helping PerkinElmer save over 70 babies a day gives me a sense of pride and purpose."