Logo for Clario

Product Security Engineer

Role overview

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field
  • 5+ years of experience in Application Security, Product Security, Secure SDLC, DevSecOps, or Cybersecurity Governance
  • Strong software development background — proficiency in Python and/or PowerShell scripting is required
  • Hands-on experience developing and consuming REST APIs to integrate security tools and automate data workflows

Responsibilities

  • Establish and maintain governance processes for product security controls, ensuring end-to-end traceability and audit readiness
  • Integrate Product Security Reviews at the earliest stages of product and software development
  • Develop automated dashboards, KPIs, and security metrics using tools such as Power BI to provide actionable insights
  • Develop, maintain, and deliver Product Security training programs for engineering, product, and quality teams

About the company

Clario logo

Clario

Contract Research Organizations (CRO)

Clario is a leading healthcare research and technology company that generates high quality clinical evidence for our pharmaceutical, biotech, and medical device partners. We offer comprehensive evidence generation solutions that combine eCOA, cardiac safety, medical imaging, precision motion, and respiratory endpoints. Since our founding more than 50 years ago, Clario has delivered deep scientific expertise and broad endpoint technologies to help transform lives around the world. Our endpoint data solutions have supported clinical trials over 26,000 times in more than 100 countries. Our global team of science, technology, and operational experts have supported over 60% of all FDA drug approvals since 2019. For more information, visit Clario.com

Company details

Company typeXLarge
IndustryContract Research Organizations (CRO)
Company size1001 - 5000

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Clario, a part of Thermo Fisher Scientific, is seeking a Senior Product Security Engineer to help drive the adoption, operationalization, and continuous improvement of our Product Security Program. This is a developer-first governance role — the ideal candidate is a software engineer who understands security, not a security analyst who dabbles in code. You will build the automation, data pipelines, and dashboards that allow our security program to operate at scale, embed security-by-design throughout the product development lifecycle, and use AI to push the boundaries of what automated security governance can do. If you can pull data from an API, put it in a database, and turn it into an executive-ready dashboard — and you care about security — this role is for you.

What We Offer

  • Competitive compensation

  • Provident fund and medical insurance

  • Engaging employee programs and local events

  • Modern office spaces and remote work flexibility

What You'll Be Doing

Product Security Governance

  • Establish and maintain governance processes for product security controls, ensuring end-to-end traceability and audit readiness

  • Define, monitor, and report compliance against Product Security policies, standards, and procedures

  • Develop and maintain security control repositories, evidence management processes, and audit artifacts

  • Support internal and external audits, regulatory assessments, and security compliance initiatives

Secure Development Lifecycle (SSDLC)

  • Integrate Product Security Reviews at the earliest stages of product and software development

  • Partner with Engineering and Product teams to embed Security-by-Design principles throughout the SDLC

  • Facilitate security requirements definition, architecture reviews, and design assessments

  • Drive consistent execution of product security checkpoints and governance gates across development programs

Security Automation, Metrics & Dashboards

  • Develop automated dashboards, KPIs, and security metrics using tools such as Power BI to provide actionable insights to engineering teams and leadership

  • Build data pipelines that pull security and product data from tools like GitLab, Jira, and vulnerability management platforms via API, store it in a structured database, and feed executive dashboards

  • Drive automation initiatives that improve visibility into product security posture and governance effectiveness

  • Leverage Python, PowerShell, and API integrations to reduce manual governance activities and enable AI-driven security workflows

Product Data & Artifact Management

  • Automate synchronization of product, application, and security-related data across enterprise systems

  • Establish and maintain repositories for pre-market and post-market security evidence and documentation

  • Ensure product security artifacts are complete, current, accessible, and aligned with regulatory requirements

  • Support vulnerability management, risk assessments, and product security documentation activities

Security Education & Awareness

  • Develop, maintain, and deliver Product Security training programs for engineering, product, and quality teams

  • Promote secure coding practices, threat-informed development, and a security-first culture

  • Measure and report training effectiveness and security program adoption

What We Look For

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field

  • 5+ years of experience in Application Security, Product Security, Secure SDLC, DevSecOps, or Cybersecurity Governance

  • Strong software development background — proficiency in Python and/or PowerShell scripting is required

  • Hands-on experience developing and consuming REST APIs to integrate security tools and automate data workflows

  • Experience building dashboards, KPI reports, and security metrics using Power BI, Tableau, Grafana, or similar tools

  • Experience with data pipeline concepts — pulling from APIs, storing in databases, formatting for reporting (data lake concepts a plus)

  • Knowledge of security governance frameworks such as NIST SSDF, OWASP SAMM, ISO 27001, or IEC 62443

  • Experience automating security workflows using APIs, scripting, or low-code automation platforms

  • Strong understanding of SSDLC, threat modeling, and security-by-design principles

  • Excellent communication and stakeholder management skills — this role presents security data to engineering teams and leadership

  • Experience supporting regulated industries (Healthcare, Medical Devices, Financial Services) is preferred

  • Familiarity with GRC platforms, ServiceNow, Jira, Azure DevOps, GitLab is a plus

  • Security certifications (CISSP, CSSLP, CISM, GSEC, CCSP) are preferred but not required

  • Exposure to AI/ML in security automation is a strong plus — the team is actively building AI-driven security workflows

At Clario, a part of Thermo Fisher Scientific, our purpose is to transform lives by unlocking better evidence. Whether you're advancing clinical science, building innovative technology, or supporting our global teams, your work helps bring life-changing therapies to patients faster.

The Department Head has the discretion to hire personnel with a combination of experience and education, which may vary from the above listed qualifications.

EEO Statement
Clario is an equal opportunity employer.  Clario evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status, or any other legally protected characteristic.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Security Engineer Related jobs

Other jobs at Clario

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.