Senior InfoSec Engineer (SecDevOps) - Remote (India)

About Charles River

For 75 years, Charles River Laboratories has been instrumental in the discovery, development, and safe manufacture of new drug therapies. As an early-stage contract research organization (CRO), they offer a diverse portfolio of discovery and safety assessment services. With over 20,000 employees across 110 facilities in more than 20 countries, Charles River collaborates with global pharmaceutical companies, biotech firms, government agencies, and academic institutions, playing a vital role in improving global health and the quality of people's lives. They are committed to providing comprehensive benefits and fostering an inclusive work environment.

Job Overview

The Senior InfoSec Engineer (SecDevOps) is a Subject Matter Expert (SME) responsible for bridging development, operations, and security. This role implements and maintains secure DevOps practices, assesses cybersecurity risks, recommends controls, and evaluates risk exposure against established frameworks. The engineer will also review and document deficiencies, advocate for change, and escalate issues as needed, with a strong emphasis on securing business-to-business initiatives, third-party relationships, and outsourced solutions.

Key Details

• This position is designated as permanently remote and located in India.
• Must be able to work the hours of 3pm - 11pm IST.
• May require occasional domestic or international travel.

Job Description

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Develop, implement, and maintain secure CI/CD pipelines to facilitate safe code releases without sacrificing speed or efficiency.
• Collaborate with development and operations teams to integrate security at every phase of the software development lifecycle.
• Conduct vulnerability assessments and security tests on applications and infrastructure to identify and mitigate risks before production deployment.
• Automate security processes to reduce human error and increase incident response times.
• Maintain security documentation and standard operating procedures.
• Stay up to date with emerging security threats and vulnerabilities and ensure that the company's systems and data are protected against them.
• Provide security awareness training to other teams and advocate for security best practices throughout the organization.
• Participate in the development and enforcement of security policies and procedures.
• Perform other duties as assigned.

Qualifications

Education:

• Bachelor’s degree (B.A./B.S.) or equivalent in computer science, information security, or related discipline.
• An equivalent combination of education and experience may be accepted.

Experience:

• 3+ years of experience in a DevOps role with a strong focus on security, or in a dedicated cybersecurity role with exposure to DevOps practices.

Certification/Licensure:

• IT security-related certification desired (e.g., CISSP, CISM, CompTIA Security+, Certified Kubernetes Security Specialist (CKS), AWS Certified DevOps Engineer, or similar professional certification).

Other:

• Strong understanding of cloud platforms (AWS, Azure, GCP) and their native security tools.
• Proficiency in scripting languages (e.g., Python, Bash) and automation tools (e.g., Ansible, Terraform, Jenkins).
• Familiarity with containerization and orchestration technologies (Docker, Kubernetes).
• Knowledge of compliance standards and security frameworks (e.g., ISO 27001, NIST, SOC 2).
• Experience with secure software development practices such as using SAST/DAST tools, secure code review, and threat modeling.
• Excellent problem-solving skills and ability to think critically and strategically.
• Effective communication skills, with an ability to convey complex security issues to non-technical stakeholders.
• Strong interpersonal, teamwork, and self-initiative skills.