- Company Name: Medidata Solutions
- Job Title: Enterprise Application Security Engineer
- Job Description:
Job Title: Enterprise Application Security Engineer
Role Summary: Design, evaluate, and enforce application security across the Software Development Life Cycle (SDLC). Collaborate with Engineering, Privacy, DevOps, and other stakeholders to define security standards, conduct architecture reviews, threat modeling, and white‑box testing, and remediate vulnerabilities in diverse applications and platforms.
Expectations:
- Apply SDLC security practices, including static/dynamic analysis, open‑source management, threat modeling, and architecture reviews.
- Manage source code control systems and artifact repositories.
- Communicate effectively with cross‑functional teams to deploy secure, cost‑effective solutions.
Key Responsibilities:
- Perform security architecture reviews and threat modeling for web and service‑oriented applications.
- Execute white‑box security testing and remediate findings in multiple programming languages (.NET, Java, Python, Ruby, JavaScript, TypeScript, AngularJS, ReactJS).
- Integrate security into CI/CD pipelines (Travis, Jenkins, GitHub Actions).
- Manage source code repositories (Git, GitHub, Artifactory) and artifact pipelines.
- Conduct vulnerability assessments using SAST, DAST, and other tools.
- Maintain knowledge of web protocols, infrastructure‑as‑code, Kubernetes, HTTP, HTML, and JavaScript security.
- Collaborate with Infrastructure teams on cloud and on‑prem hosting architectures.
Required Skills:
- SDLC security tools (static/dynamic analysis, threat modeling, code review).
- Source control (Git, GitHub) and artifact management.
- Strong programming fundamentals and familiarity with common coding patterns.
- Web technologies (HTTP, HTML, JavaScript, web services, SOA, OOP).
- Relational and NoSQL databases (MySQL, MS SQL, Oracle, MongoDB, DynamoDB, Redis).
- Cloud platform management (AWS or vendor‑agnostic) and Kubernetes administration.
- Scripting (Python, TypeScript) and CI/CD pipeline integration.
Required Education & Certifications:
- Bachelor’s degree (or higher) in Computer Science, Engineering, Information Technology, or related field.
- Preferred: AWS or other Cloud Management certification, CISSP or equivalent security certification.