Clario

Product Security Engineer

Clario  •  Republic of India (Remote)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Clario, a part of Thermo Fisher Scientific, is seeking a Senior Product Security Engineer to help drive the adoption, operationalization, and continuous improvement of our Product Security Program. This is a developer-first governance role — the ideal candidate is a software engineer who understands security, not a security analyst who dabbles in code. You will build the automation, data pipelines, and dashboards that allow our security program to operate at scale, embed security-by-design throughout the product development lifecycle, and use AI to push the boundaries of what automated security governance can do. If you can pull data from an API, put it in a database, and turn it into an executive-ready dashboard — and you care about security — this role is for you.

What We Offer

  • Competitive compensation

  • Provident fund and medical insurance

  • Engaging employee programs and local events

  • Modern office spaces and remote work flexibility

What You'll Be Doing

Product Security Governance

  • Establish and maintain governance processes for product security controls, ensuring end-to-end traceability and audit readiness

  • Define, monitor, and report compliance against Product Security policies, standards, and procedures

  • Develop and maintain security control repositories, evidence management processes, and audit artifacts

  • Support internal and external audits, regulatory assessments, and security compliance initiatives

Secure Development Lifecycle (SSDLC)

  • Integrate Product Security Reviews at the earliest stages of product and software development

  • Partner with Engineering and Product teams to embed Security-by-Design principles throughout the SDLC

  • Facilitate security requirements definition, architecture reviews, and design assessments

  • Drive consistent execution of product security checkpoints and governance gates across development programs

Security Automation, Metrics & Dashboards

  • Develop automated dashboards, KPIs, and security metrics using tools such as Power BI to provide actionable insights to engineering teams and leadership

  • Build data pipelines that pull security and product data from tools like GitLab, Jira, and vulnerability management platforms via API, store it in a structured database, and feed executive dashboards

  • Drive automation initiatives that improve visibility into product security posture and governance effectiveness

  • Leverage Python, PowerShell, and API integrations to reduce manual governance activities and enable AI-driven security workflows

Product Data & Artifact Management

  • Automate synchronization of product, application, and security-related data across enterprise systems

  • Establish and maintain repositories for pre-market and post-market security evidence and documentation

  • Ensure product security artifacts are complete, current, accessible, and aligned with regulatory requirements

  • Support vulnerability management, risk assessments, and product security documentation activities

Security Education & Awareness

  • Develop, maintain, and deliver Product Security training programs for engineering, product, and quality teams

  • Promote secure coding practices, threat-informed development, and a security-first culture

  • Measure and report training effectiveness and security program adoption

What We Look For

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field

  • 5+ years of experience in Application Security, Product Security, Secure SDLC, DevSecOps, or Cybersecurity Governance

  • Strong software development background — proficiency in Python and/or PowerShell scripting is required

  • Hands-on experience developing and consuming REST APIs to integrate security tools and automate data workflows

  • Experience building dashboards, KPI reports, and security metrics using Power BI, Tableau, Grafana, or similar tools

  • Experience with data pipeline concepts — pulling from APIs, storing in databases, formatting for reporting (data lake concepts a plus)

  • Knowledge of security governance frameworks such as NIST SSDF, OWASP SAMM, ISO 27001, or IEC 62443

  • Experience automating security workflows using APIs, scripting, or low-code automation platforms

  • Strong understanding of SSDLC, threat modeling, and security-by-design principles

  • Excellent communication and stakeholder management skills — this role presents security data to engineering teams and leadership

  • Experience supporting regulated industries (Healthcare, Medical Devices, Financial Services) is preferred

  • Familiarity with GRC platforms, ServiceNow, Jira, Azure DevOps, GitLab is a plus

  • Security certifications (CISSP, CSSLP, CISM, GSEC, CCSP) are preferred but not required

  • Exposure to AI/ML in security automation is a strong plus — the team is actively building AI-driven security workflows

At Clario, a part of Thermo Fisher Scientific, our purpose is to transform lives by unlocking better evidence. Whether you're advancing clinical science, building innovative technology, or supporting our global teams, your work helps bring life-changing therapies to patients faster.

The Department Head has the discretion to hire personnel with a combination of experience and education, which may vary from the above listed qualifications.

EEO Statement
Clario is an equal opportunity employer. Clario evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status, or any other legally protected characteristic.

Clario

About Clario

Clario is a leading healthcare research and technology company that generates high quality clinical evidence for our pharmaceutical, biotech, and medical device partners. We offer comprehensive evidence generation solutions that combine eCOA, cardiac safety, medical imaging, precision motion, and respiratory endpoints.

Since our founding more than 50 years ago, Clario has delivered deep scientific expertise and broad endpoint technologies to help transform lives around the world. Our endpoint data solutions have supported clinical trials over 26,000 times in more than 100 countries. Our global team of science, technology, and operational experts have supported over 60% of all FDA drug approvals since 2019.

For more information, visit Clario.com

Industry
Biotech & Life Sciences
Company Size
5,001-10,000 employees
Headquarters
Philadelphia, Pennsylvania
Year Founded
Unknown
Social Media