Biomedical Equipment Engineer I (Remote - Colorado)

Thorlabs is pleased to play a role in advancing science through the components, instruments, and systems we design and manufacture. We believe that science and innovation have great potential to improve the world around us and are committed to advancing photonics (i.e., light-based) technologies that positively impact our customers, employees, and communities. Via educational outreach and more sustainable business practices, we continuously invest in a brighter future. We recognize that each of our employees is a unique individual with the ability to contribute to our success and seek to find great people who will thrive in our fun, fast-paced culture. The Security Engineering Manager will lead the evolution of our cybersecurity engineering, architecture, and operations. This role bridges strategic and tactical domains – collaborate cross-functionally with IT and business stakeholders, oversee enterprise security architecture (both Cloud and on-prem), manage security engineering team, and optimize security operations (including an outsourced SOC). This is a strategic role designed for a seasoned security expert with a proven ability to manage teams, architect complex solutions, and influence across departments. The successful candidate must be strategic while also comfortable at tactical level, with both leadership and hands-on responsibilities. Although the location of the position is in Newton, NJ, from time to time it may be required to undertake duties at other Thorlabs locations. Essential Job Functions include the following, but are not limited to: Leadership & Strategy Serve as a strategic advisor to the IT leadership team on emerging threats, investment priorities, and security posture. Set and track KPIs, KRIs, OKRs, and metrics to ensure effectiveness and continuous improvement. Collaborate closely with Infrastructure and Operations, Enterprise Applications, Application Development, and Enterprise Data teams to embed security into their processes. Present to executive stakeholders and help translate technical risk into business impact. Serve as the security SME in enterprise projects and technology investments, including tool evaluations, acquisitions, and divestitures, including strategic planning, budgeting, and cross-functional alignment. Security Architecture & Engineering Define and drive the enterprise security architecture roadmap across infrastructure, cloud, applications, and Operational Technology (OT). Lead the design and implementation of security controls, frameworks, and reference architectures. Oversee architecture reviews, and secure-by-design practices across the organization. Ensure baseline security measures are implemented and monitored (e.g., hardening, patching, zero trust, segmentation). Manage integration and ongoing optimization of security tools (e.g., CSPM, CNAPP, IAM, PKI, DLP). Identity & Access Management (IAM) Lead the Security Engineering function responsible for Identity and Access Management Architect and enhance enterprise IAM strategy including RBAC, PAM, MFA, SoD, and JML lifecycle. Drive IAM policy creation and enforcement across service, privileged, and user accounts. Guide the definition of IAM operating models, access certification processes, and automation of identity governance. Security Operations & Incident Response Oversee day-to-day security operations including SOC management (outsourced), SIEM/SOAR (Microsoft Sentinel), EDR/XDR, and threat detection and response. Collaborate with the SOC to improve detection rules, reduce false positives, and ensure robust incident detection and response capabilities. Plan and oversee penetration testing, forensic analysis, and incident investigations. Governance, Risk, & Compliance Align security architecture and operations with regulatory frameworks such as NIST, ISO 27001, CMMC, PCI-DSS, and GDPR. Partner with the GRC and Audit teams to ensure technical controls support broader compliance and risk. Coordinate with the GRC team to support policy development, risk assessments, and business continuity/disaster recovery planning. Requirements Physical Activities: The employee is occasionally required to stoop, kneel, crouch, climb or crawl. The employee must frequently lift and move up to 10 pounds and occasionally lift and move up to 25 pounds. Qualifications Experience: 10+ years of experience in cybersecurity with increasing leadership responsibility, with at least 4+ years direct people management in technical security teams. Extensive experience in security architecture, cloud platforms (Microsoft Azure, M365), and enterprise security tools. Strong command of at least 3 of the following core security domains: IAM, SIEM, vulnerability management, network security, DevSecOps, and incident response. Experience leading or managing an outsourced SOC or MDR provider. Proven leadership in security engineering and operations in a hybrid (cloud/on-prem) environment. Education: Bachelor’s degree in computer science, Engineering, related field, or equivalent work experience. Specialized Knowledge and Skills: Advanced degree (e.g., MS in Cybersecurity) is a plus. Certifications such as CISSP, CISM, Microsoft Certified: Cybersecurity Architect Expert, Azure Solutions Architect, or CEH. Experience with Microsoft Defender suite, Intune, Microsoft Sentinel, various IAM and Vulnerability Management Tools. Familiarity with security control frameworks (e.g., NIST CSF, MITRE ATT&CK, CIS). Excellent communication and interpersonal skills, with proven ability to lead across functions and influence executive stakeholders. Experience in Zero Trust architecture and OT security a big plus. Salary range for this position is $111,000 - $165,000 depending on experience Thorlabs values its diverse environment and is proud to be an Equal Employment Opportunity/Affirmative Action Employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.

Ensure consistent, reliable, and efficient IT delivery service within a technical domain Ensure consistent, high-quality service and drive continuous improvement through standardizing management practices, measuring team efficiency, and fostering ongoing team development Act as the primary point of contact for leadership regarding performance of IT service delivery quality within a technical domain in design, transition, deployment, and operational support Oversee the end-to-end delivery of IT service quality within the Desktop User Experience domain Monitor, manage, enhance and report on IT service performance against agreed SLAs, and KPIs Foster a culture of continuous improvement and knowledge sharing within the team Ensure the team has the necessary skills and resources to deliver excellent service Oversee the resolution of major incidents and problems impacting service delivery Coordinate internal IT teams to drive root cause analysis, After Action reports, and remediation solutions Understand, evangelize, and enforce service delivery lifecycle principles envisioning, design, plan, stabilize and deploy phases Collaborate with the Change Management team to ensure changes to IT services are implemented in the most effective and efficient manner, and with minimal disruption to the business Identify opportunities for service improvement and drive initiatives to enhance service quality, efficiency, and cost-effectiveness Provide regular reports on IT service performance to senior management and business stakeholders Manage relationships with key IT vendors, ensuring they deliver services according to agreed contracts and SLAs Contribute to the development and management of the IT service delivery budget. Track and control service delivery costs Be aware of the financial health of assigned projects, including budget management, forecasting, and variance analysis Oversee and actively participate in operations maintenance and sustainment activities Optimize the allocation and utilization of operational resources, identifying opportunities to improve efficiency and reduce costs Other duties as assigned Requirements Education/Training:  Bachelor’s Degree in relevant engineering or science discipline required Master’s Degree preferred Must have, or obtain within 6 months of start date, current DoD 8570 or 8410 compliant certifications (i.e. Security+) ITIL v4 Foundation Certification preferred PMP, or PMI certification preferred AWS Cloud Practitioner or Azure Fundamentals (AZ 900) preferred Experience: 10+ years of professional experience in the required task area  5+ years of professional experience as an IT Service Delivery Manager or similar role 1+ years of professional experience working in a management or leadership role Experience, knowledge of, or exposure to delivering and/or managing IT Service Delivery within several large and complex organizations across government and commercial environments In-depth understanding of ITIL framework and best practices, including incident management, problem management, change management, and service release management Experience with service management tools (e.g., ServiceNow, BMC Remedy) Experience with and exposure to technology services within the Service Infrastructure domain, to include: o  Linux and Windows Servers o  Server Virtualization o  Cloud Infrastructure o  Storage Infrastructure o  DevOps and Automation o  Management and Orchestration Tooling o  Identity, Credentials, and Access Management Security: Must be a US citizen Candidate must be in possession of a minimum DoD issued Secret Clearance and eligibility for TS/SCI Candidates with active current TS/SCI preferred Physical Requirements: Able to occasionally reach with hands and arms Prolonged periods of computer screen use, while sitting or standing at a desk Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.) Able to safely lift and carry up to 20 pounds at a time Benefits Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Short Term & Long Term Disability Training & Development Wellness Resources Salary: $150,000.00 - 180,000.00 Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.

Oversee end-to-end delivery and operational performance of application services supporting DoD missions Coordinate cross functional teams (App Dev, DB, Platform, Cyber, Network, Field Ops, Vendors) to deliver reliable, secure, and cost-effective services Establish the service vision, charter, and roadmap aligned to agency objectives and portfolio priorities Lead Service Governance (CAB/CCB/ARB participation) to balance velocity, reliability, and security; maintain decision records and traceability Define and maintain service policies, operating level agreements (OLAs), underpinning contracts (UCs), and escalation matrices Own the Service Catalog entries for application services (definitions, owners, SLAs/SLOs, dependencies, support model, runbooks) Coordinate readiness for new or changed services (support model, staffing, monitoring/alerting, KPIs, DR/backup, ATO artifacts, handover) Forecast demand and plan capacity (computer, storage, licenses, staff) to meet growth and seasonal mission loads Manage budgets, cost to serve, and chargeback/show back; deliver monthly variance analyses and optimization recommendations Chair/drive change quality: pre implementation reviews, maintenance windows, freeze periods, and rollback validation Ensure releases meet readiness gates (approvals, testing, monitoring, comms) and verify post change health Own P1/P2 Major Incident bridges, communications, and stakeholder updates through resolution Ensure first response quality (MTTA), restoration (MTTR), user experience impact tracking, and formal post incident reviews Drive RCA with durable corrective actions; track aging and effectiveness checks Manage availability targets, error budgets, technical debt, and resiliency patterns (graceful degradation, retries, circuit breakers) Maintain service continuity, DR plans, and evidence of periodic tests (RTO/RPO attainment) Align service operations to DoD RMF, NIST SP 800 53/37, and DISA STIGs; steward POA&M items to closure Support ATO/cATO sustainment (control inheritance, artifacts, evidence collection) and apply Zero Trust operating principles Ensure data handling, identity/access, and audit logging meet policy; coordinate with Cyber/Blue Team on detections and after-action improvements Manage third party performance to underpin SLAs; negotiate improvements or remediation plans Validate vendor runbooks, maintenance notifications, and participation in incidents/RCAs Provide daily/weekly/monthly performance reporting (availability, SLO attainment, MTTA/MTTR, change success rate, incident induced change rate, ticket backlog aging, CSAT/NPS) Run MBRs/QBRs with stakeholders; publish dashboards and executive summaries with trend analysis and actions Lead a matrixed team of controllers/analysts/engineers; set objectives, staffing plans, training paths, and on call rotations Maintain runbooks, playbooks, KEDB, service standards, and knowledge articles; drive cross training and succession depth Other duties as assigned Requirements Education/Training:  Bachelor’s Degree in relevant engineering or science discipline required Master’s Degree preferred Must have, or obtain within 6 months of start date, current DoD 8570 or 8410 compliant certifications (i.e. Security+) ITIL v4 Foundation Certification preferred Relevant Technical Certifications (Azure Administrator Associate, AWS, etc.) preferred Experience: 12+ years of professional experience in the required task area  5+ years of professional experience as an IT Service Delivery Manager or similar role 1+ years of professional experience working in a management or leadership role Experience, knowledge of, or exposure to delivering and/or managing IT Service Delivery within several large and complex organizations across government and commercial environments In-depth understanding of ITIL framework and best practices, including incident management, problem management, change management, and service release management Proven ability to manage budgets, vendor contracts, and executive reporting Familiarity with application architectures (web tiers, APIs, microservices/containers), observability concepts (APM, logs/metrics/traces), and security controls in IL4/5/6 environments Security: Must be a US citizen Candidate must be in possession of a minimum DoD issued Secret Clearance and eligibility for TS/SCI Candidates with active current TS/SCI preferred Physical Requirements: Able to occasionally reach with hands and arms Prolonged periods of computer screen use, while sitting or standing at a desk Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.) Able to safely lift and carry up to 20 pounds at a time Benefits Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Short Term & Long Term Disability Training & Development Wellness Resources Salary: $150,000.00 - 180,000.00 Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.

Ensure consistent, reliable, and efficient cybersecurity service delivery within a technical domain Ensure high-quality service and drive continuous improvement through standardized management practices, measuring team efficiency, and fostering ongoing team development Act as the primary point of contact for leadership regarding the performance of IT and cybersecurity service delivery in design, transition, deployment, and operational support Demonstrate strong leadership, interpersonal, and management skills along with a solid understanding of technology services within the Desktop User Experience technical domain Oversee the end-to-end delivery of IT service quality within the Desktop User Experience domain Monitor, manage, enhance and report on IT service performance against agreed SLAs, and KPIs Foster a culture of continuous improvement and knowledge sharing within the team. Ensure the team has the necessary skills and resources to deliver excellent service Oversee the resolution of major incidents and problems impacting service delivery Coordinate internal IT teams to drive root cause analysis, After Action reports, and remediation solutions Understand, evangelize, and enforce service delivery lifecycle principles envisioning, design, plan, stabilize and deploy phases Collaborate with the Change Management team to ensure changes to IT services are implemented in the most effective and efficient manner, and with minimal disruption to the business Identify opportunities for service improvement and drive initiatives to enhance service quality, efficiency, and cost-effectiveness Provide regular reports on IT service performance to senior management and business stakeholders Manage relationships with key IT vendors, ensuring they deliver services according to agreed contracts and SLAs Contribute to the development and management of the IT service delivery budget. Track and control service delivery costs Maintain awareness of the financial health of assigned projects, including budget management, forecasting, and variance analysis Oversee and actively participate in operations maintenance and sustainment activities Optimize the allocation and utilization of operational resources, identifying opportunities to improve efficiency and reduce costs Other duties as assigned Requirements Education/Training:  Bachelor’s Degree in relevant engineering or science discipline required Master’s Degree preferred Must have, or obtain within 6 months of start date, current DoD 8570 or 8410 compliant certifications (i.e. Security+) ITIL v4 Foundation Certification preferred Relevant Technical Certifications (Azure Administrator Associate, AWS, etc.) preferred Experience: 12+ years of professional experience in the required task area  5+ years of professional experience as an IT Service Delivery Manager or similar role 1+ years of professional experience working in a management or leadership role Experience, knowledge of, or exposure to delivering and/or managing IT Service Delivery within several large and complex organizations across government and commercial environments In-depth understanding of ITIL framework and best practices, including incident management, problem management, change management, and service release management Experience with service management tools (e.g., ServiceNow, BMC Remedy) Working knowledge and understanding of the following technical areas: Microsoft 365 (M365) Email and Collaboration Virtual Desktop Infrastructure (VDI) and Azure Virtual Desktop (AVD Windows Client Operating Systems Desktop Management Client-side Application Management Mobile Device Management (MDM File & Print Services Security: Must be a US citizen Candidate must be in possession of a minimum DoD issued Secret Clearance and eligibility for TS/SCI Candidates with active current TS/SCI preferred Physical Requirements: Able to occasionally reach with hands and arms Prolonged periods of computer screen use, while sitting or standing at a desk Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.) Able to safely lift and carry up to 20 pounds at a time Benefits Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Short Term & Long Term Disability Training & Development Wellness Resources Salary: $150,000.00 - 180,000.00 Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.

Ensure consistent, reliable, and efficient cybersecurity service delivery within a technical domain Ensure high-quality service and drive continuous improvement through standardized management practices, measuring team efficiency, and fostering ongoing team development Act as the primary point of contact for leadership regarding the performance of IT and cybersecurity service delivery in design, transition, deployment, and operational support Oversee end-to-end delivery of cybersecurity service quality Monitor, manage, enhance, and report on IT service performance against agreed SLAs and KPIs Foster a culture of continuous improvement and knowledge sharing Ensure the team has the necessary skills and resources to deliver excellent service Oversee resolution of major incidents and problems impacting cybersecurity service delivery Coordinate internal IT teams to drive root cause analysis, After Action reports, and remediation solutions Understand, evangelize, and enforce service delivery lifecycle principles (envisioning, design, plan, stabilize, and deploy phases) Collaborate with Change Management to ensure changes to cybersecurity services are implemented effectively, efficiently, and with minimal disruption Identify opportunities for service improvement and drive initiatives to enhance service quality, efficiency, and cost-effectiveness Provide regular reports on service performance to senior management and business stakeholders Manage relationships with key IT and cybersecurity vendors, ensuring services meet contractual obligations Contribute to development and management of the service delivery budget. Track and control service delivery costs Maintain awareness of financial health for assigned projects, including budgeting, forecasting, and variance analysis Oversee and actively participate in operational maintenance and sustainment activities Optimize allocation and utilization of operational resources, identifying opportunities to improve efficiency and reduce costs Other duties as assigned Requirements Education/Training:  Bachelor’s Degree in relevant engineering or science discipline required Master’s Degree preferred Must have, or obtain within 6 months of start date, current DoD 8570 or 8410 compliant certifications (i.e. Security+) ITIL v4 Foundation Certification preferred Experience: 12+ years of professional experience in the required task area  5+ years of professional experience as an IT Service Delivery Manager or similar role 1+ years of professional experience working in a management or leadership role Experience, knowledge of, or exposure to delivering and/or managing IT Service Delivery within several large and complex organizations across government and commercial environments In-depth understanding of ITIL framework and best practices, including incident management, problem management, change management, and service release management Excellent analytical, problem-solving, and decision-making skills Experience with service management tools (e.g., ServiceNow, BMC Remedy) Experience in DoD IT Operations preferred Project management experience preferred Security: Must be a US citizen Candidate must be in possession of a minimum DoD issued Secret Clearance and eligibility for TS/SCI Candidates with active current TS/SCI preferred Physical Requirements: Able to occasionally reach with hands and arms Prolonged periods of computer screen use, while sitting or standing at a desk Adhere to safety protocols when in work areas requiring use of PPE (e.g. eyewear, gloves, masks, hearing protection, steel toed shoes, etc.) Able to safely lift and carry up to 20 pounds at a time Benefits Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Short Term & Long Term Disability Training & Development Wellness Resources Salary: $150,000.00 - 180,000.00 Salary rates for this position are competitive and commensurate with experience and industry standards. We offer a comprehensive benefits package that may include health insurance, paid time off, and retirement savings options.

Description: Zifo is working with a large pharma client to build a team of laboratory IT (lab computing, & Lab IT systems) professionals. **This role will require a 100% on-site presence in Albany, NY ** **This role is not eligible for relocation assistance** Requirements Responsibilities: ·       Execute validation test plans once approved by client(s) ·       Revise and route Lifecycle documents for review and approval ·       Update relevant IT lifecycle documents ·       Participate in Sandboxing sessions with multifunctional teams ·       Coordinate delivery of PC hardware to various laboratories and manufacturing areas ·       Troubleshoot and resolve any IT issues / tickets as needed   Qualifications: Bachelor of Science in computer science, life science Previous technical experience including (but not limited to); Windows technologies, networking, remote computing and backup systems preferred Excellent customer service skills complemented by an ability to listen to and interpret client requests Ability to troubleshoot complex instrument and technology issues Strong oral and written communication skills Ability to identify, track and complete tasks for multiple projects Knowledge of laboratory safety practices as defined by the company and/or customer’s site safety code Experience with virtual machine support (preferred) Experience with scientific instrumentation (preferred)   A successful Zifo-ite is: Independent, Self-Motivated & Results driven Willing & able to quickly acquire new Technical Skills & Business Principles A critical thinker who possesses logical reasoning Curious and always looking for creative solutions to complex problems Benefits About Zifo: CURIOSITY DRIVEN, SCIENCE FOCUSED, EMPLOYEE BUILT. Our culture is unlike any other, one where we debate, challenge ourselves, and interact with all alike. We are a curious bunch, characterized by our passion to learn and spirit of teamwork. Zifo is a global R&D solutions provider focused on the industries of Pharma, Biotech, Manufacturing QC, Medical Devices, specialty chemicals and other research-based organizations. Our team’s knowledge of science and expertise in technology help Zifo better serve our customers around the globe, including 7 of the Top 10 Biopharma companies. We look for Science – Biotechnology, Pharmaceutical Technology, Biomedical Engineering, Microbiology etc. We possess scientific and technical knowledge and bear professional and personal goals. While we have a “no doors” policy to promote free access within, we do have a tough door to walk in. We search with a two-point agenda – technical competency and cultural adaptability. We offer a competitive compensation package including accrued vacation, medical, dental, vision, 401k with company matching, life insurance, and flexible spending accounts. If you share these sentiments and are prepared for the atypical, then Zifo is your calling! Zifo is an equal opportunity employer, and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.