Job was saved successfully.
Job was removed from Saved Jobs.

This job is archived

(Archived) Software Product Security Engineer - Cybersecurity SME (Remote)

Last Updated: 11/25/22

Job Description

Job description:

The Product Security Engineer will serve as a Cybersecurity Subject Matter Expert (SME) for our Cloud-Based software applications.

They will work closely with product development in the design, implementation, and maintenance of secure software applications portfolio of cutting-edge medical and non-medical software applications.

For on-market product, the Product Security Engineer will evaluate incoming cybersecurity signals, assess the impact to on-market products and provide responses and documentation updates in compliance with our security policies and standards.

For new products and software updates, they will be participating in the design and development activities with focus on cybersecurity threat modeling, secure design, implementation, and documentation.

Key performance indicators for this role include assessing and maintaining compliance to security policies and standards, timely provisioning of product security assessments, and support for auditing of our secure product lifecycle. The role requires the ability to work in an environment that is fast paced, to work independently, and to apply the latest security design and tooling strategies available.

  • Responsible for ensuring products are safe, secure, and are compliant with division, corporate, and industry regulation and meet customer and patient security expectations.
  • Works within an agile, collaborative, multi-discipline environment to produce compliant and secure products.
  • Identifies cybersecurity risks, vulnerabilities, and assists in concepting and delivering mitigating functionalities.
  • Perform vulnerability assessments - analyze impact of vulnerabilities on software and develop/implement mitigations
  • Perform threat analysis/modeling, gap analysis, and security for on-market and in-development products
  • Owns the product cybersecurity deliverables and process compliance. Capable of following and cybersecurity processes, methods, techniques, and tools and assuring their consistent application.
  • Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscape
  • Supporting SOC 2 and other certifications as application SME for explaining the designing and implementation of security controls
  • Ability to articulate technical discussions to a variety of internal, external, and customer stakeholder groups
  • Participates in establishing technology-specific vision and strategy and processes
  • Participates in the development of clients security policies as applicable to area of expertise

Qualifications:

BA/BS Degree in Engineering, Computer Science, MIS, or related field.

4 8 years IT experience with Fortune 500 company; 5+ years of experience in secure product development lifecycle engineering strongly desired

Preferred Qualifications

Previous work experience in a product cybersecurity role is preferred

Strong understanding of product cybersecurity and the relationship between threat, vulnerability, and potential customer risk.

Azure Certifications preferred, minimally has a strong history working with cloud hosted applications.

Hands-on security experience with various technologies, such as Docker, Kubernetes, Terraform

Experience in Object-Oriented Design and Development in Java or Javascript

Understanding of industry standards such as HITRUST, NIST Cybersecurity Framework, FedRAMP, RMF, IMDRF, TIR-57 Principles for medical device security risk management, etc.

Experience with secure configuration/hardening of systems

ISC2 CCSP Certified Cloud Security Professional, or CCNA Cyber Ops is desirable

Certifications such as CISA, CISM, CRISC, CISSP, CPP, CFE or SANS are preferred

Experience in cryptographic standards and methods and detailed knowledge of cryptographic key management preferred

Experience in Atlassian suite JIRA, Bitbucket and Confluence preferred

Why is This a Great Opportunity:

Why is This a Great Opportunity

The key to successful treatment and full recovery is often fast, accurate diagnosis. Our global clients life-changing tests and diagnostic tools provide insights that enable smarter, faster decisions and transform the way the world is managing health.

Our clients pioneering technology spans the world of healthcare operations with medical diagnostic instruments, tests, automation and informatics solutions for hospitals, reference labs, blood centers, emergency departments, physician offices and clinics.

Salary Type : Annual Salary

Salary Min : 115000

Salary Max : 125000

Currency Type : US Dollars

Company Details

Grand Rapids, Michigan, United States
NPAworldwide connects you to premier independent recruiting firms located throughout Europe, Asia, Australia, Africa and the Americas. Get connected with members around the world to widen your employer pool, get specialized placements, and find perfect matches -- all at no cost. Our members are placement professionals seeking long-term fits. Working with our recruiters gets you access to relocatio...