AstraZeneca

Product Security Engineer (“AppSec”)

US
USD 121k - 182k
R API Python Java AWS Kubernetes
Description

Are you ready to be part of the future of healthcare? Are you able to think big, be bold, and harness the power of digital and AI to tackle longstanding life sciences challenges? Then Evinova, a new health tech business that is part of the AstraZeneca Group, might be for you!
 

Transform billions of patients’ lives through technology, data and cutting-edge ways of working. You’re disruptive, decisive and transformative. Someone who’s excited to use technology to improve patients’ health. We’re building a new healthtech business – Evinova, a fully-owned subsidiary of AstraZeneca Group. 

Our Gaithersburg, Maryland facility creates life-changing medicines for people around the world. This campus employs more than 3,500 experts in our field and is only a short drive from Washington, DC. This modern and vibrant scientific campus is the home of R&D and Oncology in the US. Here, we play host to some of the most cutting-edge technology and lab spaces, all designed to inspire collaboration and cross-functional science. We believe employees benefit from being challenged and inspired at work. We are dedicated to creating a culture of inclusion and collaboration.

The Gaithersburg site offers a variety of amenities to help boost productivity and help keep our employees happy and healthy. This includes a fitness center, employee healthcare clinic, electric vehicle charging stations, dry cleaning, full-service cafeteria and copy center. This is where you’ll find newly-designed, activity-based work spaces to suit a variety of working styles while increasing collaboration between teams.

Evinova delivers market-leading digital health solutions that are science-based, evidence-led, and human experience-driven. Thoughtful risks and quick decisions come together to accelerate innovation across the life sciences sector. Be part of a diverse team that pushes the boundaries of science by digitally empowering a deeper understanding of the patients we’re helping. Launch pioneering digital solutions that improve the patients’ experience and deliver better health outcomes. Together, we have the opportunity to combine deep scientific expertise with digital and artificial intelligence to serve the wider healthcare community and create new standards across the sector.  

The Product Security Engineer (“AppSec”) role at Evinova is uniquely positioned to advance the security pillar of our software development lifecycle. As a member of the Evinova Cybersecurity organization, and specifically aligned to the Product Security Engineering team, this role will advise on the security posture of our SaaS product portfolio by conducting security assessments, reviewing code, managing AppSec security tools, and collaborating cross-functionally to remediate software security issues. This role will partner with the other domains of the Evinova Cybersecurity organization, including Cyber Governance Risk and Compliance, Security Operations, and Cloud Security. Success in this role includes providing expert-level support for the adoption of secure development standards, and delivering developer focused training on emerging threats and secure coding practices. Evinova is committed to providing secure, scalable, and innovative Digital Health solutions to the Life Sciences sector – providing this role ample opportunities for professional development, intellectual curiosity, and leadership visibility. 

Key Responsibilities: 

  • Perform all aspects of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Application Programming Interface (API) Security assessments to identify code vulnerabilities, architectural misconfigurations and runtime security weaknesses. 

  • Evaluate the use of third-party code libraries by driving Software Composition Analysis (SCA) and supporting Software Bill of Materials (SBOM) development tasks.   

  • Contribute to Threat Modeling and Design Reviews by identifying AppSec relevant gaps and proposing to cross-functional teams secure design patterns which are aligned with best practices and regulatory requirements.   

  • Provide actionable and impactful remediation guidance to Software Development and Engineering teams, ensuring security findings are understood and fixes are implemented in a timely manner.

  • Monitor and support the configuration, execution, and optimization of our AppSec tools and seamless integration with CI/CD pipelines.  

  • Facilitate knowledge sharing and security best practices adoption by conducting training sessions (live and recorded) and developing security-relevant documentation.   

  • Partner with other Cybersecurity peers to advance the continuous improvement of our enterprise-wide cybersecurity controls, development processes, governance policies / standards, and other initiatives related to holistic cybersecurity. 

  • Demonstrate initiative, strong customer orientation, and cross-cultural working. 

Minimum Qualifications: 

  • 2+ years of demonstrable experience in Application Security, Software Engineering, or a related field. Relevant internships, coursework and extra-curricular activities may also be considered as experience.  

  • Strong understanding of web application security, authentication, authorization, and encryption concepts. 

  • Familiarity with leading secure coding principles, frameworks, and guidance such as OWASP Top 10 and NIST Special Publications. 

  • Basic proficiency in at least one programming language (e.g., Python, Java). 

  • Hands-on experience with leading SAST, DAST, SCA, and API Security related tools and methodologies. 

  • Analytical mindset and approach to addressing security findings, issue prioritization, and stakeholder articulation. 

  • Ability to work cross-functionally with globally dispersed engineers, product teams, and cyber peers.

  • Ability to work independently in a fast-paced environment with a proven ability to manage competing priorities. 

  • Excellent written and verbal communication skills (English).

 

Desired Qualifications: 

  • At least 4+ years of providing AppSec capabilities for a SaaS/cloud service provider. 

  • Prior experience as a Software Developer, Infrastructure Engineer, and/or Product Security Engineer. 

  • Experience providing AppSec capabilities within a highly regulated and global business environment, particularly in the healthcare and/or clinical research industry (added plus). 

  • Operational familiarity with leading Product Security enabling and adjacent technologies such as GitHub Advanced Security, SonarQube, 42Crunch API Security, InsightAppSec, Wiz, Splunk Cloud, or their equivalents.

  • Expert-level proficiency in all aspects of the AppSec Domain, CI/CD pipelines, and DevSecOps principles.  

  • Strong understanding of Amazon Web Services (AWS) as an Infrastructure provider, Containerization (Kubernetes), Serverless Computing, Infrastructure-as-Code, and other next generation Cloud Computing technologies and engineering approaches.  

  • At least one relevant cybersecurity certification such as CISSP, CEH, OSCP, AWS Certifications, etc.

Why Evinova (AstraZeneca)? 

Evinova draws on AstraZeneca’s deep experience developing novel therapeutics, informed by insights from thousands of patients and clinical researchers. Together, we can accelerate the delivery of life-changing medicines, improve the design and delivery of clinical trials for better patient experiences and outcomes, and think more holistically about patient care before, during, and after treatment.  We know that regulators, healthcare professionals, and care teams at clinical trial sites do not want a fragmented approach. They do not want a future where every pharmaceutical company provides its own, different digital solutions. They want solutions that work across the sector, simplify their workload, and benefit patients broadly. By bringing our solutions to the wider healthcare community, we can help build more unified approaches to how we all develop and deploy digital technologies, better serving our teams, physicians, and ultimately patients.  Evinova represents a unique opportunity to deliver meaningful outcomes with digital and AI to serve the wider healthcare community and create new standards for the sector.  Join us on our journey of building a new kind of health-tech business to reset expectations of what a bio-pharmaceutical company can be. This means we’re opening new ways to work, pioneering cutting-edge methods, and bringing unexpected teams together.

So, what’s next?

Are you already envisioning yourself joining our team? Good, because we can’t wait to hear from you.

Where can I find out more?

Our social media:

Follow AstraZeneca on LinkedIn https://www.linkedin.com/company/1603/

Follow AstraZeneca on Facebook https://www.facebook.com/astrazenecacareers/  

Follow AstraZeneca on Instagram https://www.instagram.com/astrazeneca_careers/?hl=en

Learn more about Evinova www.evinova.com

The annual base pay for this position ranges from $121,926 to $182,889. Hourly and salaried non-exempt employees will also be paid overtime pay when working qualifying overtime hours. Base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. In addition, our positions offer a short-term incentive bonus opportunity; eligibility to participate in our equity-based long-term incentive program (salaried roles), to receive a retirement contribution (hourly roles), and commission payment eligibility (sales roles). Benefits offered include a qualified retirement program [401(k) plan]; paid vacation and holidays; paid leaves; and health benefits including medical, prescription drug, dental, and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify base pay (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Date Posted

19-mar-2025

Closing Date

22-Apr-2025

Our mission is to build an inclusive and equitable environment. We want people to feel they belong at AstraZeneca and Alexion, starting with our recruitment process. We welcome and consider applications from all qualified candidates, regardless of characteristics. We offer reasonable adjustments/accommodations to help all candidates to perform at their best. If you have a need for any adjustments/accommodations, please complete the section in the application form.
