Senior Security Analyst

By clicking the “Apply” button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Takeda’s Privacy Notice and Terms of Use. I further attest that all information I submit in my employment application is true to the best of my knowledge.

Job Description

ACCOUNTABILITIES :

· Responsible for conducting static code analysis, threat modelling, and creating/managing the developer training program

· Lead in the development and execution of the secure software development strategy for the

enterprise, including policies, standards, and governance

· Implements automation to integrate Application Security into various applications across the

enterprise

· Provides input and guidance on the various DevOps security tools/processes for threat modelling, code repository security, container security, dynamic application security testing, secrets management, penetration testing, and cloud infrastructure security

· Assists in the development of a communications program for application threats and external and internal security events

· Improves and expands application security risk posture and processes across the enterprise

· Creates and supports metrics that report application risk posture and progress over time

· Manages continuous release planning and execution, and integrates with security design and engineering work across multiple groups and technical constituencies

EDUCATION, BEHAVIOURAL COMPETENCIES AND SKILLS:

· Bachelor’s degree in related field (Business, Information Services, IT, Information Security,

etc.)

· At least 3 years of experience with Application Security, including familiarity with the leading

toolsets supporting Application Security (dynamic and static)

· At least 1 year of experience with product design, delivery, ownership, and threat modelling

· Experience in enabling organizations with DevSecOps

· Strong experience with establishing and executing application security strategy

· Experience in static code analysis and third-party software composition analysis

· Experience in establishing and rolling out Threat Modelling enterprise-wide that can be consumed by developers and engineers

· Strong problem-solving and program execution skills; Ability to prioritize and drive difficult decisions among heads of development teams

· Ability to solve very complex security issues that span legal, compliance, and regulatory obligations across various lines of business and shared service areas of the company

· Knowledge of common information security management frameworks, including but not limited to: ISO 27001/27002, ITIL, COBIT, and NIST

· Ability to provide ongoing metrics and reporting

· Ability to communicate ideas and data both verbally and written in a persuasive and appropriate manner

Desired:

· In-depth pharmaceutical industry and drug development experience

· Experience with validated systems

· Information security certification (CISSP, CISM, GIAC, CEH)

Locations

Worker Type

Worker Sub-Type

Time Type