Senior SecOps Architect

At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where ,Health for all, Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.

We are looking for a Senior SecOps Architect! 

As a Senior SecOps Architect, you will be a part of Bayer's Pharma Data & AI Team. You will play a key role in driving IT security and compliance efforts for our commercial data platform, ensuring the highest standards of data protection and regulatory adherence. You will be responsible for safeguarding sensitive data, preventing unauthorized access, and seamlessly integrating security controls across the CDP ecosystem.

YOUR TASKS AND RESPONSIBILITIES: 

• Drive the design, implementation, and continuous improvement of security and compliance controls across the commercial data platform, with a focus on AWS cloud environments.

• Develop and maintain automated security monitoring, alerting, and incident response processes to proactively identify and address threats and vulnerabilities.

• Collaborate with platform, DevOps, and data engineering teams to embed security best practices and compliance requirements into infrastructure, applications, and data workflows.

• Oversee vulnerability management, threat modeling, and risk assessments to ensure robust protection of sensitive commercial and patient data.

• Drive the adoption of identity and access management (IAM) best practices, including least privilege, role-based access control, and secure authentication/authorization mechanisms (e.g., Microsoft Entra ID).

• Drive the implementation and management of secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager) and ensure secure handling of credentials and sensitive information.

• Support compliance initiatives and audits (e.g., GxP, GDPR, HIPAA), ensuring continuous alignment with regulatory and corporate security standards.

• Guide the secure integration of new systems and third-party services within the CDP ecosystem, ensuring data flows are protected and compliant. Prepare technical documentation, including software design evaluation plans, test results and technical manuals.

• Develop and maintain security policies, playbooks, and documentation to support operational excellence and knowledge sharing within the team.

• Take the initiative to do what needs to be done without being asked, e.g. identifying and addressing security gaps, and championing a culture of security and compliance across the organization.

• Stay up to date with the latest security technologies, threats, and regulatory requirements relevant to the pharma and cloud data platform domains.

• Identify and pursue opportunities for self-improvement of technical and non-technical skills

WHO YOU ARE:

• Bachelor’s degree in Computer Science, Software Engineering, Information Technology or a related field

• 5+ years of experience in security operations, cloud security, or IT security engineering, preferably in regulated environments (pharma, healthcare, finance, etc.)

• Expert knowledge in securing cloud platforms, particularly AWS, including experience with IAM, VPC, security groups, encryption, and logging

• Good knowledge of authentication and authorization protocols and integration with identity providers (e.g., Microsoft Entra ID)

• Good experience with secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager) and secure credential handling

• Good knowledge of security automation, monitoring, and incident response using tools such as AWS Security Hub, CloudTrail, and SIEM solutions

• Good knowledge of container security, including Kubernetes and Docker security best practices, image scanning, and runtime protection

• Basic familiarity with scripting and automation languages (Python, Bash, etc.) to support security automation and reporting

• Basic knowledge of data protection concepts, including encryption in transit/at rest, tokenization, and secure data lifecycle management

• Good knowledge of security compliance frameworks and regulatory standards (e.g., GxP, GDPR, HIPAA, SOC2) and experience supporting audits and evidence collection

• Familiarity with Agile/Scrum methodologies.

• Good communication, problem-solving, analytical, and troubleshooting skills.

• Good inter-cultural understanding and experience.

You feel you do not meet all criteria we are looking for? That doesn’t mean you aren’t the right fit for the role. Apply with confidence, we value potential over perfection!

WHAT DO WE OFFER:

• A flexible, hybrid work model 

• Great workplace in a new modern office in Warsaw

• Career development, 360° Feedback & Mentoring programme

• Wide access to professional development tools, trainings, & conferences

• Company Bonus & Reward Structure 

• Increased tax-deductible costs for authors of copyrighted works

• VIP Medical Care Package (including Dental & Mental health)

• Life & Travel Insurance

• Pension plan

• Co-financed sport card - FitProfit

• Meals Subsidy in Office 

• Budget for Home Office Setup & Maintenance

• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs

• Tailored-made support in relocation to Warsaw when needed

• Please send your CV in English 

WORK LOCATION: WARSAW AL. JEROZOLIMSKIE 158

YOUR APPLICATION:   

Bayer welcomes applications from all individuals, regardless of race, national origin, gender, age, physical characteristics, social origin, disability, union membership, religion, family status, pregnancy, sexual orientation, gender identity, gender expression or any unlawful criterion under applicable law. We are committed to treating all applicants fairly and avoiding discrimination.

Bayer is committed to providing access and reasonable accommodations in its application process for individuals with disabilities and encourages applicants with disabilities to request any needed accommodation(s) using the contact information below. 

Bayer offers the possibility of working in a hybrid model. We know how important work-life balance is, so our employees can work from home, from the office or combine both work environments. The possibilities of using the hybrid model are each time discussed with the manager.Bayer respects and applies the Whistleblower Act in Poland.