Thermo Fisher Scientific Application Security Engineer in Remote / Field, California

Job Description

Application Security Engineer

When you join us at Thermo Fisher Scientific, you’ll be part of a smart, driven team that shares your passion for exploration and discovery. With revenues of $22 billion and the largest investment in R&D in the industry, we give our people the resources and opportunities to make significant contributions to the world.

What will you do?

As a member of the Application Security team within Corporate Information Security Risk Management, an Application Security Engineer is responsible for realizing the initiatives set forth by Application Security Management.

This role will have primary responsibility for engaging with development teams across the organization as it relates to performing security assessments, and will act as a subject matter resource for providing guidance related to secure development practices.

Key Responsibilities:

  • Perform application security scans as requested by development teams

  • Work with the Application Security team to develop and promote automated scanning practices within the organization

  • Work with development teams to understand vulnerabilities identified, and recommend general practices and/or training to guide remediation efforts

  • Work with development teams to validate that remediations have successfully addressed vulnerabilities previously identified

  • Develop, maintain, and/or update standard operating procedures with guidance from the Application Security Manager and other Senior Application Security Engineers

  • Work alongside Senior Application Security Engineer(s) to perform manual assessment of first and 3rd party applications owned by, or providing services to, Thermo Fisher Scientific as needed

  • Provide metrics and reporting from aggregated sources to assist Application Security Management in building a picture of the current state of risk within Thermo Fisher Scientific

  • Perform other duties as assigned

How will you get there?


Bachelor’s Degree or equivalent experience with a history of writing software applications


  • 1-3 years’ experience in software development or application security

  • Experience writing and testing applications or web services in one or more of the following languages: C/C++, Java, .NET, or JavaScript

  • Familiarity with a variety of development tools such as: Eclipse, Visual Studio, Visual Studio Code, IntelliJ, Git, Jira, Jenkins, and Docker

  • Ability to explain the OWASP Top 10, including impacts and general mitigation practices

  • Excellent customer service skills

Non-Negotiable Hiring Criteria:

  • A history of engaging in general information security practice and/or the community

  • Excellent written and verbal communication skills

  • Strong attention to detail, with solid organizational and time management skills.

  • The ability to interact professionally with a diverse group of people, including:

  • Directors

  • Managers

  • Developers

  • Subject Matter Experts

At Thermo Fisher Scientific, each one of our 70,000 extraordinary minds has a unique story to tell. Join us and contribute to our singular mission—enabling our customers to make the world healthier, cleaner and safer.

If you are an individual with a disability who requires reasonable accommodation to complete any part of our application process, click here at for further assistance.

Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other legally protected status.