Work Flexibility: Hybrid

What you will do:

Support cybersecurity risk analysis and threat modeling and develop mitigation strategies to develop secure medical products.Work closely with cross-functional teams, including Quality, Regulatory, and Marketing, in driving alignment around product Cybersecurity, HIPAA, and GDPR compliance.Support or lead in all product hardware and software security facets, including systems hardening, automated and manual penetration testing, automated vulnerability scanning for compliance, and issue remediation.Lead manual and automated code reviews for complex embedded and clinical application software to identify security flaws.Develop and implement security policies and procedures to ensure compliance with industry standards.Automate routine tasks and extract valuable data using various scripting languages like PowerShell, Ruby, or Python.Lead cybersecurity documentation requests from legal and sales teams as needed.Support or lead incident response, V&E assessments and manage the resolution of security incidents.

What you need:

Required Qualifications:

Bachelor’s degree in software engineering/ computer science or related discipline & 3+ years of work experience.Understanding one or more security standards/frameworks like NIST 800-53, IEC80001-2-8, IEC 27002, ISO 27799, IEC 15408-2, and IEC 62443-3-3.Solid understanding of Linux operating systems.Experience in securing medical devices or embedded devices.Experience with threat modeling, VAPT and risk assessment.

Preferred Qualifications:

Experience with security requirements, data security, malware analysis, vulnerability assessment, and penetration testing using off-the-shelf tools and techniques is preferred.Understanding of networking concepts.Understanding quality standards like IEC 62304, IEC 60601, and 21CRF 820.Security certifications such as CISSP-ISSAP, CCSP, OSC

Travel Percentage: 10%