Principal IAM & Web Security Engineer

Waters Corporation

Milford, MA

JOB DETAILS
SKILLS
Access Control, Applications Security, Authentication, CISSP - Certified Information Systems Security Professional, Code Reviews, Computer Security, Content Delivery Network (CDN), Ecosystems, Establish Priorities, Firewalls, Identity Data Management, Internet Application, Internet Security, LDAP (Lightweight Directory Access Protocol), Microsoft Windows Azure, OAuth, OpenID, Operations Security (OPSEC), Penetration Testing, Python Programming/Scripting Language, Risk, Sales Pipeline, Scripting (Scripting Languages), Security Analysis, Security Assertion Markup Language (SAML), Security Compliance, Security Information and Event Management (SIEM), Software Patches, Software Testing, Time Management, Vulnerability Scanners, Web Programming, Windows PowerShell
LOCATION
Milford, MA
POSTED
3 days ago

Are you ready to be the primary defender of the digital experience and commerce ecosystem for a global leader in scientific discovery? Waters is seeking a Security Lead—an expert in application, and operational security—to ensure the health, integrity, and compliance of our mission-critical platforms.

This is more than a security compliance job; its a chance to embed security "left-of-boom" (in the development pipeline) while maintaining robust operational defenses against threats to our global digital backbone. You will be the technical authority ensuring our solutions scale globally and perform flawlessly, all while remaining secure.

Responsibilities

• Implement and manage Web Application Firewalls (WAF) and security policies, focusing on policy tuning, bot management, and rule optimization.

• Align IAM configs & controls to meet compliance, and security requirements

• Lead and execute secure code reviews, application penetration testing, and dynamic application security testing (DAST) to proactively identify vulnerabilities in the engineering lifecycle.

• Serve as the subject matter expert on Application Security best practices, including the OWASP Top 10, secure coding standards, and API security.

• Identify and track vulnerabilities across applications, coordinating remediation efforts and ensuring timely patching and risk prioritization based on business impact.

• Manage user provisioning, Role-Based Access Control (RBAC), and privileged access management (PAM).

• Enforce strong authentication mechanisms, including multi-factor authentication (MFA) and the principle of least privilege across all digital environments.

Qualifications

• 3+ years of experience in a program lead role with hands-on experience in Okta/Azure AD

• 5+ years of experience in implementing and managing WAF & CDN solutions using platforms such as Akamai/Cloudflare

• Strong knowledge of identity protocols (SAML, OAuth2, LDAP, OpenID Connect)

• Expert-level knowledge of RBAC, MFA, privileged access management, and identity governance.

• Experience in OWASP Top 10, secure coding, DAST/SAST and API security

• Proven experience in risk prioritization, remediation planning, and use of enterprise vulnerability scanning tools.

• Strong scripting or automation skills (e.g., PowerShell, Python)

• Hands-on experience with WAF management, SOC workflows, SIEM tools, and log analysis for threat detection.

• Certifications: Possession of the CISSP (Certified Information Systems Security Professional) is highly preferred.

About the Company

W

Waters Corporation