Job Description Summary
This position involves improvements and automation in our ROWA department, working closely with compliance and regulatory affairs. It includes very technical aspects, such as compliance, cyber security, preparation of documents. We are flexible, allowing this position to be either full time or part time according to need and individual agreement.
Job Description
A career at BD means learning and working alongside inspirational leaders and colleagues who share a passion for fostering an inclusive, growth-centered, and rewarding culture. You will have the opportunity to help shape the trajectory of BD while leaving a lasting legacy. To find purpose in the possibilities, we need people who can see the bigger picture, understanding the human story that underpins everything we do.
We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you'll discover a culture where you can learn, grow and thrive, finding satisfaction in doing your part to make the world a better place.
Become a Maker of Possible with Us
We are offering more flexibility, allowing this position to be either full time or part time based on need and individual agreement.
Responsibilities:
1. Educate engineering teams to understand security requirements and implement practical solutions into new and existing products.
2. Implement software security solutions and architect/design products in accordance with industry accepted standards for medical device security, including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
3. Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers both on and off-site.
4. Lead technical design reviews.
5. Assist product development teams in creating Product Security documentation.
6. Assist product development teams regarding the approval of product security documentation in various document management systems.
7. Assist product development teams and co-create Threat Models.
8. Become a subject matter expert for the security footprint of a product.
9. Manage together with the product development team the security roadmap and keep track of milestones.
10. Participate on product security incident response teams.
11. Interface with other technical departments such as Penetration Testing Team, Systems, Hardware Engineering, Quality, and technical services.
12. Assure adherence to BD development policies and software quality procedures.
13. Supporting the Product Security Documentation process.
Please Note: This is a fixed term contract with an end date of 30.09.2025.
Qualifications:
* BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field or equivalent work experience required.
* Minimum of 3 years of experience in IT-Security architecture, secure software development, systems & architecture concepts, and designs.
Required Knowledge, Skills, and Attributes:
* Understand different software development mythologies and embed product security milestones into agile and waterfall development principles.
* Practical experience with Project Management.
* Capability to build relationships with key personnel in product development teams.
* Good understanding of technical IT- and Cybersecurity aspects and the ability to explain technical risks to technical and non-technical audiences.
* Solid understanding of IT-Security domains.
* Highly self-organized and ability to work in a complex matrix organization.
* Understanding of networking and related security aspects and common attacks.
* Demonstrated understanding of developing in a regulated environment and adhering to a quality management system.
* Excellent written and verbal communication and interpersonal skills are essential.
* Solid understanding of Microsoft Office products and tools.
Nice-to-Haves:
* Experience with Security tools and distributions (BurpSuite, Nessus, NMAP, )
* Experience with Dynamic and static code analysis tools.
* Knowledge of Completing a Track Trace and plan using a Security Requirements Traceability Matrix (SRTM) or similar tool with the goal of tracking.
* Experience working in a regulated (FDA, MDR) environment with medical instrumentation.
* Work experience in network security along networking fundamentals (IP protocol, firewalls etc.) strongly desired.
* Recognized Security certifications (CISSP, CEH, CSSLP etc.)