If youve built software and then became obsessed with breaking it — or if youve spent years finding vulnerabilities and now want to prevent them by design — this role was written for youYoull join the security team of a general pharmaceutical leader to define how applications are built securely from the ground up. This is not a compliance checkbox role. This is about real ownership, real impact, and building a security culture that developers actually embrace.What youll doDefine and implement secure architecture patterns for enterprise applications — from design through deployment.Lead threat modeling sessions and security reviews (architecture, code, APIs) across development teams.Be the go-to reference for authentication, certificate management, and cryptographic standards.Champion secure coding practices — OWASP, SAST/DAST, secure CI/CD — and make developers want to follow them.Translate complex security risks into language that resonates with business stakeholders.Mentor developers and software architects; turn security-aware engineers into security advocates.Contribute to enterprise-wide security frameworks covering IAM, network security, and application interfaces.What were looking forMust-haves:5+ years in cybersecurity with a clear focus on application security.Background as a software developer or penetration tester — you understand how things break because youve built or broken them.Solid knowledge of authentication protocols, digital certificates, and cryptographic standards.Hands-on experience with security architecture reviews and code analysis.Fluency in secure coding standards: OWASP Top 10, CWE, and friends.Ability to communicate technical risk clearly to non-technical audiences.Advanced English and Spanish (working proficiency in both).Great to have (but not blockers):Experience in regulated environments: MDR, HIPAA, GxP, or similar.Familiarity with pharma or healthcare sector dynamics.Hands-on with tools like Burp Suite, ZAP, SonarQube,