This job is archived
The Product Security Engineer will serve as a Cybersecurity Subject Matter Expert (SME) for our Cloud-Based software applications.
They will work closely with product development in the design, implementation, and maintenance of secure software applications portfolio of cutting-edge medical and non-medical software applications.
For on-market product, the Product Security Engineer will evaluate incoming cybersecurity signals, assess the impact to on-market products and provide responses and documentation updates in compliance with our security policies and standards.
For new products and software updates, they will be participating in the design and development activities with focus on cybersecurity threat modeling, secure design, implementation, and documentation.
Key performance indicators for this role include assessing and maintaining compliance to security policies and standards, timely provisioning of product security assessments, and support for auditing of our secure product lifecycle. The role requires the ability to work in an environment that is fast paced, to work independently, and to apply the latest security design and tooling strategies available.
- Responsible for ensuring products are safe, secure, and are compliant with division, corporate, and industry regulation and meet customer and patient security expectations.
- Works within an agile, collaborative, multi-discipline environment to produce compliant and secure products.
- Identifies cybersecurity risks, vulnerabilities, and assists in concepting and delivering mitigating functionalities.
- Perform vulnerability assessments - analyze impact of vulnerabilities on software and develop/implement mitigations
- Perform threat analysis/modeling, gap analysis, and security for on-market and in-development products
- Owns the product cybersecurity deliverables and process compliance. Capable of following and cybersecurity processes, methods, techniques, and tools and assuring their consistent application.
- Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscape
- Supporting SOC 2 and other certifications as application SME for explaining the designing and implementation of security controls
- Ability to articulate technical discussions to a variety of internal, external, and customer stakeholder groups
- Participates in establishing technology-specific vision and strategy and processes
- Participates in the development of clients security policies as applicable to area of expertise
BA/BS Degree in Engineering, Computer Science, MIS, or related field.
4 8 years IT experience with Fortune 500 company; 5+ years of experience in secure product development lifecycle engineering strongly desired
Previous work experience in a product cybersecurity role is preferred
Strong understanding of product cybersecurity and the relationship between threat, vulnerability, and potential customer risk.
Azure Certifications preferred, minimally has a strong history working with cloud hosted applications.
Hands-on security experience with various technologies, such as Docker, Kubernetes, Terraform
Understanding of industry standards such as HITRUST, NIST Cybersecurity Framework, FedRAMP, RMF, IMDRF, TIR-57 Principles for medical device security risk management, etc.
Experience with secure configuration/hardening of systems
ISC2 CCSP Certified Cloud Security Professional, or CCNA Cyber Ops is desirable
Certifications such as CISA, CISM, CRISC, CISSP, CPP, CFE or SANS are preferred
Experience in cryptographic standards and methods and detailed knowledge of cryptographic key management preferred
Experience in Atlassian suite JIRA, Bitbucket and Confluence preferredWhy is This a Great Opportunity:
Why is This a Great Opportunity
The key to successful treatment and full recovery is often fast, accurate diagnosis. Our global clients life-changing tests and diagnostic tools provide insights that enable smarter, faster decisions and transform the way the world is managing health.
Our clients pioneering technology spans the world of healthcare operations with medical diagnostic instruments, tests, automation and informatics solutions for hospitals, reference labs, blood centers, emergency departments, physician offices and clinics.
Salary Type : Annual Salary
Salary Min : 115000
Salary Max : 125000
Currency Type : US Dollars