Enterprise Application Security Engineer
Requisition ID: 546369
Category: Information Technology
Location: United States - NY, New York
Location: Hybrid or Remote
Medidata follows a hybrid office policy in which employees who are hired for an in-person position are expected to work on site a certain number of days per week in accordance with Company policy.
About our Company:
Medidata is powering smarter treatments and healthier people through digital solutions to support clinical trials. Celebrating 25 years of ground-breaking technological innovation across more than 36,000 trials and 11 million patients, Medidata offers industry-leading expertise, analytics-powered insights, and one of the largest clinical trial data sets in the industry. More than 1 million users trust Medidata's seamless, end-to-end platform to improve patient experiences, accelerate clinical breakthroughs, and bring therapies to market faster. Discover more at www.medidata.com.
About the Team:
The Information Security Application Architecture team is responsible for designing, evaluating and enforcing application security in all phases of the Software Development Life Cycle (SDLC).
We work closely with our Engineering, Privacy and DevOps teams to define and implement the application security standards and to perform software architecture design reviews and threat modeling. We conduct white box security testing, and support the identification, interpretation, and remediation of vulnerabilities across a variety of applications, programming languages, and platforms. This role will report to the Manager of Application Security & Sourcing department.
Who we’re looking for:
- Experience with common SDLC tools & practices; static and dynamic code analysis, open-source management, threat modeling, architecture review, etc.
- Sound understanding of source code control & source code management systems
- Fundamental knowledge of programming and application engineering including common coding patterns & their use cases
- Working knowledge of web-related technologies (Web applications, Web Services, Service-Oriented and Object-Oriented Architectures) and network/web-related protocols
- Familiarity with Infrastructure as Code and Kubernetes Cluster Administration
- Experience with HTML and JavaScript along with a solid understanding of HTTP protocol
- Development experience and familiarity with various coding languages including .NET (C#), Java, Ruby, Python, JavaScript, TypeScript, AngularJS & ReactJS
- Practical experience in using Relational Databases (i.e., MySQL, MS SQL, Oracle) as well as Non-Relational Databases (i.e., MongoDB, DynamoDB, Redis)
- Experience in information security principles, web applications, and a level of familiarity with malicious code and common techniques used by hackers
- Ability to collaborate with other functions in order to deploy and maintain solutions in an appropriate and cost-effective manner
Qualifications:
- Bachelor's degree (or above) in Computer Science/Engineering, Information Technology or comparable required
- AWS or Vendor Agnostic Cloud Management Certification is a plus
- CISSP or equivalent certification is a bonus
- Source Code & Artifact Management: Git, GitHub, Artifactory
- CI & CD Pipelines: Travis, Jenkins, GitHub Actions
- Scripting languages: Python, TypeScript
- Programming languages: Java
- Hosting Architectures: Cloud & Self Hosted
- Security Exercises: SAST, DAST
As with all roles, Medidata sets ranges based on a number of factors including function, level, candidate expertise and experience, and geographic location.
The salary range for positions that will be physically based in the NYC Metro Area is $96,000-$128,000.
The salary range for positions that will be physically based in the California Bay Area is $101,250-$135,000.
The salary range for positions that will be physically based in the Boston Metro Area is $94,500-$126,000.
The salary range for positions that will be physically based in Texas or Ohio is $84,375-$112,500.
The salary range for positions that will be physically based in all other locations within the United States is $85,500-$114,000.
Base pay is one part of the Total Rewards that Medidata provides to compensate and recognize employees for their work. Most sales positions are eligible for a commission on the terms of applicable plan documents, and many of Medidata's non-sales positions are eligible for annual bonuses. Medidata believes that benefits should connect you to the support you need when it matters most and provides best-in-class benefits, including medical, dental, life and disability insurance; 401(k) matching; flexible paid time off; and 10 paid holidays per year.
Equal Employment Opportunity:
In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Medidata are based on merit, qualifications and abilities. Medidata is committed to a policy of non-discrimination and equal opportunity for all employees and qualified applicants without regard to race, color, religion, gender, sex (including pregnancy, childbirth or medical or common conditions related to pregnancy or childbirth), sexual orientation, gender identity, gender expression, marital status, familial status, national origin, ancestry, age, disability, veteran status, military service, application for military service, genetic information, receipt of free medical care, or any other characteristic protected under applicable law. Medidata will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.
Applications will be accepted on an ongoing basis until the position is filled.
Note: Please be on the lookout for job scams. Medidata recruiters will never ask applicants for monetary compensation, credit card, or banking details.