Job Title: Product Security Engineer
Our client is seeking a skilled Product Security Engineer to join their team. As a Product Security Engineer, you will play a crucial role in ensuring the security and integrity of our products.
Main Responsibilities:
1. Support teams in reducing product risk by identifying practical solutions to increase security in new and existing products.
2. Work with R&D to implement secure software solutions that meet industry-accepted standards for medical device security, including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
3. Assist in product security risk assessments and provide guidance on vulnerability remediation to product development software engineers.
4. Develop and ensure software engineering procedures align with product security requirements.
5. Support the Product Security Documentation process, including providing standardized documentation, organizing document reviews, and ensuring timely delivery of high-quality deliverables.
6. Interface with technical departments, such as Systems Hardware, Quality, and technical services, to oversee product security aspects.
7. Collaborate with other resources to ensure effective design and implementation goals.
8. Maintain adherence to development policies and software quality procedures.
About You:
* Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or related field, or equivalent work experience.
* Minimum 3 years of experience in IT-Security, secure software development, and designs, and risk management.
* Working experience with various encryption algorithms and PKI solutions.
* Familiarity with security issues and solutions for embedded devices.
* Understanding of networking and related security aspects, common attacks, and developing in a regulated environment.
* Excellent communication, interpersonal, and written skills.
* Demonstrated commitment to achieving project goals and positive work ethic.
* Familiarity with Microsoft Office products and tools.
Desirable Skills:
* Experience with Dynamic and static code analysis tools.
* Knowledge of completing a track Trace and plan using a Security Requirements Traceability Matrix (SRTM) or similar tool.
* Understanding of vulnerability scans and static code analysis results.
* Proper secure coding practices to drive standards within the software engineering organization.
* Experience working in a regulated (FDA, MDR) environment with medical instrumentation.
* Basic understanding of network security fundamentals (IP protocol, firewalls etc.).
* Recognized Security certifications are a plus (CISSP, CASP+, CSSLP etc.).