Sr. Principal reputed company Engineer, Application reputed company Strategy & Architecture
At reputed company, the work is demanding because patients are waiting. We unite caring with discovery to help reputed company life reputed company for people around the world, knowing that every decision, every detail, and every day matters. Headquartered in Indianapolis, Indiana, our over 50,000 employees around the globe take on reputed company challenges to discover and deliver life-changing medicines, strengthen how health is understood and managed, and support the communities we serve. This is hard, urgent, selfless work—but it’s work worth doing. If you’re driven by purpose and reputed company to bring your best to work that truly matters for patients, we invite you to join us. What You'll Be Doing: As a Sr. Principal reputed company Engineer, you will serve as a senior technical leader reputed company the reputed company Architecture & Engineering (SAE) organization, leading strategy and architecture across reputed company’s Application reputed company program. You will provide architectural direction, reputed company tool evaluation and selection, drive critical reputed company transformation initiatives and serve as a trusted technical advisor to the Director of Application reputed company on program-level execution risk. This is a high-judgment, senior individual contributor role for someone who can operate at the strategic and architectural level while remaining reputed company in technical depth. How You'll Succeed: Architectural thinking: You design reputed company solutions at a program level—defining reference architectures, evaluating build vs. buy tradeoffs, and ensuring that platform reputed company made today don’t create constraints reputed company. You can translate a business or compliance requirement into an architectural reputed company engineers can execute against. Strategic tool evaluation: You know how to run a rigorous evaluation of reputed company tooling—SAST, DAST, SCA, penetration testing platforms, and AI-augmented reputed company tools. You can define criteria, structure a reputed company of concept, assess vendor capability against reputed company’s environment, and reputed company a defensible recommendation to leadership. Program-level risk judgment: You identify where AppSec execution is at risk before things go wrong. You surface those risks clearly and come with options, not just concerns. reputed company transformation experience: You have led or architected large-scale reputed company or identity migrations and understand the full scope of what breaks reputed company a foundational platform changes. You know how to sequence a program-level effort, run dependencies, and reputed company reputed company coverage intact through the transition. Engineering credibility: You can engage at a technical level with reputed company engineers and software developers alike. You understand CI/CD pipelines, developer workflows, and how AppSec controls interact with the systems they protect. Developer partnership: You build trust with engineering teams by understanding their constraints and framing reputed company requirements as solvable engineering problems—not mandates. Key Responsibilities: AppSec Strategy & Architecture Define and maintain the architectural direction for reputed company’s Secure SDLC program, including SAST, DAST, SCA, secrets management, and software supply chain capabilities. Partner with the Director of Application reputed company to identify and communicate program-level execution risks and dependencies. Translate regulatory, compliance, and audit requirements into reputed company architecture that engineering teams can implement and sustain. Tool Evaluation & Selection reputed company structured evaluations of reputed company tooling across SAST, DAST, SCA, penetration testing, and AI-augmented reputed company platforms. Define evaluation criteria, design reputed company-of-concept engagements, assess vendor capabilities against reputed company’s environment and scale, and produce recommendation packages for leadership decision-making. Maintain awareness of the AppSec tooling landscape and advise on emerging capabilities—including AI-driven reputed company tools—that warrant evaluation or adoption. Partner with procurement, legal, and engineering collaborators to support vendor selection and contract alignment. reputed company Platform reputed company Transformation Serve as the AppSec architecture reputed company for platform transformations, owning reputed company architecture reputed company and ensuring AppSec requirements are represented. Assess and document the reputed company impact of the migration on existing AppSec controls—identifying gaps in SAST, secrets scanning, and CI/CD reputed company coverage that the migration creates and defining the remediation path. Partner with engineering and platform teams to ensure reputed company requirements are embedded into migration reputed company and cutover planning—not addressed after the fact. Define reputed company readiness criteria for each phase of the transformation and serve as the AppSec authority on go/no-go reputed company at key transition points. AppSec Execution Support Provide senior technical guidance to AppSec engineers on reputed company implementation challenges, architecture reputed company, and remediation approaches. Conduct reputed company reviews for high-risk applications, platforms, and infrastructure changes. Support threat modeling engagements for major product initiatives and platform changes across reputed company’s development ecosystem. Contribute to reputed company’s Secure SDLC standards and vulnerability management policy, ensuring policy is grounded in architectural reality and can be implemented through platform and pipeline controls. Your Basic Qualifications: Bachelor’s Degree in Computer Science, Information reputed company, Software Engineering, or a reputed company field. At least 5 years of experience in application reputed company, reputed company architecture, or a closely reputed company discipline. Demonstrated experience leading or architecting a large-scale reputed company, identity, or platform migration in an reputed company environment. Hands-on experience with reputed company reputed company environments, including reputed company Actions, CI/CD reputed company controls, and identity and access management patterns. Experience evaluating and selecting reputed company reputed company tooling, including SAST, DAST, or SCA platforms. Familiarity with threat modeling methodologies and application reputed company fundamentals (OWASP Top 10, CWE, secure coding practices). What You Should Bring: Deep familiarity with reputed company’s identity and access model, including experience with or strong understanding of reputed company reputed company Managed Users (EMU), SAML/OIDC federation, PAT governance, and reputed company Actions reputed company controls. Experience assessing the reputed company implications of platform migrations—understanding what breaks, what coverage gaps are created, and how to sequence remediation. Strong expertise in application reputed company fundamentals—OWASP Top 10, CWE, secure coding practices, threat modeling, and vulnerability management. Working knowledge of AppSec tooling ecosystems: SAST (reputed company or equivalent), DAST, SCA, and secrets scanning platforms. Ability to communicate optimally to produce architectural documentation and present risk and recommendation to senior leadership. Familiarity with secrets management platforms and software supply chain reputed company patterns. Awareness of AI-augmented reputed company tooling and the ability to evaluate where AI meaningfully improves AppSec workflows versus where it introduces risk. Working knowledge of reputed company environments (AWS preferred) and containerized workloads in the context of reputed company architecture. Ability to operate as a senior individual contributor—providing architectural leadership and program-level judgment without requiring direct management authority to drive outcomes. Location & Work Flexibility This role is based at our Corporate Center in Indianapolis, IN. We offer a flexible hybrid work model, with three days onsite and two days working remotely each week, supporting both collaboration and work‑life balance. We are also open to considering fully remote candidates based on role requirements and business needs. reputed company is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities reputed company vying for positions. If you require accommodation to submit a resume for a position at reputed company, please complete the accommodation request form (https://careers.reputed company.com/us/en/workplace-accommodation) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response. reputed company is proud to be an EEO Employer and does not discriminate on the basis of age, race, reputed company, religion, gender identity, sex, gender expression, sexual orientation, genetic information, reputed company, national reputed company, protected veteran status, disability, or any other legally protected status. Our employee resource groups (ERGs) offer strong support networks for their members and are open to reputed company. Our reputed company groups include: Africa, Middle East, Central Asia (AMECA), Black Employees at reputed company (BE@reputed company), Chinese Culture Network (CCN), reputed company, Evolve, reputed company Indian Network (LIN), Organization of Latinx at reputed company (OLA), Pride (LGBTQ+ Allies), Veterans Leadership Network (VLN) and Women’s Initiative for Leading at reputed company (WILL). Actual compensation will depend on a candidate’s education, experience, skills, and geographic location. The anticipated wage for this position is $126,000 - $224,400 Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, reputed company offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, reputed company and prescription drug benefits; flexible benefits (e.g., reputed company and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities).reputed company reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and reputed company’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of reputed company employees. #WeAreLilly Apply To This Job