- DevSecOps Integration: Collaborate with software development and product teams to embed security within our DevOps processes, ensuring the secure deployment of applications and infrastructure.
- Secure Solutions Design: Architect scalable security solutions that align with DevSecOps principles and industry standards/regulations.
- Policy & Compliance: Develop and maintain security policies, standards, and procedures; ensure compliance with relevant regulatory requirements (e.g., OWASP Top 10, CWE Top 25, SANS 25).
- Maturity Assessment: Conduct DevOps/DevSecOps maturity assessments to gauge and improve processes within development teams.
- Security Testing & Tooling: Implement and manage security testing tools (e.g., SAST, SCA, DAST, & IAST platforms), including vulnerability scanning, code analysis, and penetration testing.
- Collaboration: Work cross-functionally to integrate security measures throughout the software development lifecycle.
- Risk Awareness: Stay current on emerging threats, trends, and security technologies; communicate risks and issues to senior management.
- Thought Leadership: Serve as a subject matter expert and advocate for secure coding and application security best practices.
- Technical Support: Automate security checks in Azure DevOps/Jenkins/GitHub Actions; help developer teams understand and fix vulnerabilities.
- Education: Bachelor’s degree in Computer Science, Information Systems, or a related field.
- Experience: 5+ years in software development and application security architecture/development.
- Strong understanding of DevOps tools and processes, network security, cryptography, application security, and cloud security.
- Solid background in web application architecture, design, and development (experience with embedded systems is a plus).
- Familiarity with industry compliance frameworks (e.g., GDPR, OWASP Top 10, CWE Top 25, SANS 25, ISO 27001, IEC 62443).
- Practical experience with Git, Azure DevOps, Visual Studio/VS Code, Eclipse, or similar.
- Experience with Coverity (SAST), BlackDuck SCA, BlackDuck Binary Analysis (BDBA), and CodeDX (SRM) is a plus.
- Excellent analytical and problem-solving abilities.
- Strong communication and interpersonal skills for effective collaboration with internal stakeholders and external vendors.
- Industry certifications (e.g., CISSP, CISM, CSSLP, CEH) are a plus.
- Competitive salary and comprehensive benefits package.
- Opportunities for professional growth and development in a global enterprise environment.
For those who prioritize precision, Mettler Toledo is precisely where you belong.