Join our Information Security team as a Senior DevSecOps Engineer and be part of the core team building a global enterprise-grade Application Security program from the ground up. You'll play a vital role in implementing security testing tools, integrating them into our CI/CD ecosystems, and delivering actionable findings to developers—enabling secure software delivery at scale. Together, we'll make a remarkable impact on people's lives by protecting the systems that discover and deliver life-changing medicines to patients who need them.

This position can be virtually anywhere in the U.S.

Responsibilities:

• Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify vulnerabilities and configuration issues during the software development lifecycle.
• Implementing and maintaining tools (such as Application Security Posture Management / ASPM) to centralize and deduplicate findings from multiple solutions and integrate reporting into software development workflows.
• Integrating security tooling with large-scale enterprise CI/CD pipelines.
• Building and managing tooling and processes to drive efficient DevSecOps and Application Security (AppSec) operations.