Syneos Health
Principal DevSecOps Engineer (Security Operations)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Syneos Health
Syneos Health is a fully integrated biopharmaceutical solutions organization formed in 2018 through the merger of INC Research and InVentiv Health. With over 26,000 employees across more than 110 countries, the company focuses on synchronizing clinical development and commercial execution for biopharmaceutical clients. Syneos Health leverages AI and technology to enhance customer success, translating insights into outcomes while addressing the challenges of product lifecycles from preclinical stages to market launch. The company offers comprehensive biopharmaceutical solutions that include clinical development, commercialization, and consulting services. Its expertise spans various therapeutic areas, including oncology, central nervous system, and immunology. Syneos Health Consulting provides advisory services across the drug development lifecycle, supporting portfolio strategy, medical affairs, and risk management. The firm has played a significant role in the development and commercialization of a high percentage of novel drugs, contributing to the approval of numerous FDA and EMA products.
Security at Syneos Health
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Syneos Health's AppSec philosophy emphasizes a data and risk-based approach, evolving Secure SDLC standards and processes, and promoting a DevSecOps culture.
- They aim to improve automated CI/CD pipelines with appropriate security services and automate enterprise security requirements into backlogs.
- The company also sets enterprise requirements for secure software development based on common cybersecurity frameworks such as NIST, Hitrust, CSF, SafeCode, and OWASP.
Security Team
- AppSec and software security responsibilities at Syneos Health are within the "Office of the CISO."Key security leaders include Charles Newberry, Chief Information Security Officer, and Amrit Singh, Senior Director, Cybersecurity.
- The company shows an ongoing hiring posture across security functions, with multiple active job postings found, including for Principal Cybersecurity Solution Architect, Sr. Information Security Governance Analyst, and Senior Cyber Incident Response Analyst.
Key Initiatives
Syneos Health's initiatives include evolving Secure SDLC standards and processes, promoting DevSecOps solutions and culture, and improving automated CI/CD pipelines with appropriate security services. They also focus on automating enterprise security requirements into backlogs and setting secure software development requirements based on frameworks like NIST, Hitrust, CSF, SafeCode, and OWASP. Furthermore, there is an initiative for managing the cybersecurity policy governance framework and developing, publishing, and maintaining cybersecurity Policies, Standards, Guidelines, and SOPs. Information regarding a named Security Champions program or specific vulnerability management SLAs/MTTR targets is not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.