Product Security Engineer (Hybrid) (EET6648)
Location: Limerick, Ireland
Sector: IT
Salary: Apply for details
Location: Limerick - Must be onsite 2/3 days per week.
Duration: Permanent
About the role:
As the Product Security Engineer, you will be responsible for the implementation of security requirements and secure coding standards, e.g., NIST SP 800-53, OWASP, and MS Secure Coding Standards. You will evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static and dynamic code analysis tools. In addition to defining security requirements for new product development, the role requires you to support teams in remediating vulnerabilities with existing products.
Day-to-day primary responsibilities include leadership in enhancing, demonstrating, and creating alignment with the extended team, suppliers/partners, and the larger organization of resources and experts. You will participate in a full medical software development life cycle and adhere to a well-defined quality management system and Product Security Development Framework.
Main responsibilities will include:
* Support teams in reducing product risk by finding practical solutions on how to increase security in new and existing products.
* Work in a team supporting R&D in implementing secure software solutions by ensuring architecture is in accordance with industry-accepted standards for medical device security including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
* Assist in product security risk assessments and provide vulnerability remediation guidance to product development software engineers both on and off-site.
* Develop and ensure software engineering procedures are aligned with product security requirements.
* Support the Product Security Documentation process including:
o Providing standardized Product Security documentation.
o Organizing and supporting the document review and approval process.
o Ensuring that deliverables are delivered punctually and to the required level of quality.
* Interface with, and oversee product security aspects of, technical departments such as Systems Hardware, Quality, and technical services.
* Collaborate with other resources to ensure effective design and implementation goals.
* Assure adherence to development policies and software quality procedures.
About you:
* BS degree in Computer Science, Computer Engineering, Electrical Engineering, other related engineering field, or equivalent work experience required.
* Minimum of 3 years of experience in areas such as IT-Security, secure software development and designs, and risk management.
* Working experience with various encryption algorithms and PKI solutions.
* Understanding of security issues and solutions for embedded devices.
* Good understanding of networking and related security aspects and common attacks.
* Demonstrated understanding of developing in a regulated environment and adhering to a quality management system.
* Excellent written and verbal communication and interpersonal skills are essential.
* Demonstrated positive work ethic with a strong commitment to achieving project goals.
* Good understanding of Microsoft Office products and tools.
In addition to the above skills, the following skillset would be advantageous but not essential:
* Experience with dynamic and static code analysis tools.
* Knowledge of completing a trace plan using a Security Requirements Traceability Matrix (SRTM) or similar tool with the goal of tracking:
o Security Requirements
o Source of Requirement
o Requirement Objective
o Verification Method
* Understanding of vulnerability scans and static code analysis results.
* Understanding of proper secure coding practices to drive standards within the software engineering organization.
* Experience working in a regulated (FDA, MDR) environment with medical instrumentation.
* Basic understanding of network security fundamentals (IP protocol, firewalls, etc.).
* Recognized Security certifications are a plus (CISSP, CASP+, CSSLP, etc.).
Candidates should hold appropriate RTWs for Ireland, i.e. Stamp 1G, Stamp 4, Irish/British/EU passport.
For more information please apply here or contact Agnes Reena / agnes.reena@eirevo.ie
Contact: 0858564199
eir evo talent is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital / civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability. eir evo talent applies all relevant Data Protection laws when processing your Personal Data.
If you choose to apply to this opportunity and share your CV or other personal information with eir evo talent, these details will be held by us in accordance with our privacy policy and used by our recruitment team to contact you regarding this or other relevant opportunities at eir evo talent.
Ref: EET6648