Requirements

Expected technologies

Node.js

Java

Python

SQL

AWS

Azure

GCP

Our requirements

• BS or MA in computer science, cybersecurity, or a related field.
• [3+] years of experience in cybersecurity, previous experience in a software engineering role utilizing modern application development (e.g., Node.js, Java, Python, SQL, etc.) highly desired.
• Desired, but not required: Certified Information Systems Security Professional (CISSP).
• Understands organizational mission, values, and goals and consistently applies this knowledge.
• Experience with cyber security tools (e.g., SAST, DAST, SCA, secrets scanning) and techniques to automate security tasks, streamline incident response, and enhance overall security posture.
• Experience with relevant security standards and regulations that apply, such as PCI DSS and HIPAA. They should be able to assess compliance requirements and implement necessary controls to ensure adherence to these standards.
• Familiarity with application deployment / configuration within one or more cloud environments (AWS, Azure, GCP)

Your responsibilities

• Implements, Operates, and assists in the design of cybersecurity solutions for Bayer’s systems and products in compliance with Bayer’s applicable security policies and standards.
• Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation, and configuration process of infrastructure and software.
• Maintains operational efficiency, performance, and reliability of security systems; integrating into IT lifecycle management and incident response processes.
• Analyzes and makes recommendations to improve DevOps architectures.
• Assists in the review and update of cybersecurity policies, architectures, and standards.
• Assists in responding to audits, penetration tests, and vulnerability assessments.
• Assists in the design and implementation of secure infrastructure solutions, including, source control, API, containerization, configuration management, storage security, and identity and access management (IAM) based on security policies to prevent unauthorized access.
• Conducts regular application security assessments to identify vulnerabilities and potential risks.
• Align with Cyber Security Architects on ensuring security architecture standards, guidelines, and best practices are implemented into technology.