Product Security Engineer (Embedded Software) / Medical Devices / REMOTE WORK from Pioneer Data Systems
About the Job
Our client, a world-leading Pharmaceutical Company in Raynham, MA is currently looking for a Product Security Engineer (Embedded Software) to join their expanding team.
Position Details:
- Job Title: Product Security Engineer (Embedded Software) / Medical Devices / REMOTE WORK
- Duration: 8+ months contract, extendable up to 24 months
- Location: REMOTE WORK
- Client Location: Raynham, MA
Note:
- The client has the right-to-hire you as a permanent employee at any time during or after the end of the contract.
- You may participate in the company group medical insurance plan
Job Description:
- Staff Product Security Engineer
- The Product Security and Services team within Client's Information Security & Risk Management (ISRM) is recruiting for a full-time Staff Product Security Engineer to join the ISRM Product Security-DPS team to provide support the Client Synthes orthopedics portfolio, with preference for US office locations in Palm Beach Gardens, FL, Boston, MA and/or Raynham, MA.
- Caring for the world, one person at a time has inspired and united the people for over 125 years.
- We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people.
- With *** billion in 2020 sales,
- Client is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets.
- Employees of the Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.
- If you have the talent and desire to touch the world,
- Client has the career opportunities to help make it happen.
- The Staff Product Security Engineer will be responsible for implementation of Pharmaceutical's enterprise Product Security strategy and framework throughout orthopedics portfolio.
- This includes identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to senior management, identifying communications plans and raising overall awareness of the capability.
- Specific responsibilities include supporting DPS R&D throughout a new product's development phases, review product security requirements and recommend security design solutions, help complete Quality documentation, threat modelling, penetration testing, software architecture review and design recommendations, code analysis and other security testing or work as needed.
- Additionally, post market responsibilities for DPS marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements.
Major Duties & Responsibilities:
- Support Global Product Security's framework:
- Help drive Product Security strategy and goals within DPS
- Partner with internal organizations to improve existing processes and policies
- Create and present Product Security metrics to senior management
- Help carry out Product Security governance model for pre and post market devices.
- Create remediation plans and assist the DPS engineering team with remediation.
- Respond to customer questionnaires and contractual language.
- Perform other work-related duties as assigned.
Qualifications:
- Minimum of a Bachelor's degree is required, MS and/or advanced degree is preferred
- A minimum of 6 years of experience in security and/or embedded software engineering functions is required
- Knowledge of product or medical device security is preferred
- Experience working with cloud based IoT management solutions is preferred
- Understanding of Quality Design Control processes and FDA submission process is preferred
- ISSP, CEH, MCSD, CSSLP or other certifications are preferred
- Intimate knowledge of real-time operating system (i.e. QNX, Linux, Windows Embedded) hardening techniques are required
- Ability to provide secure coding recommendations is required
- Knowledge in at least one coding language (i.e. C/C++, C#) with code review experience is required
- Software engineering experience including securely building embedded applications is required
- Ability to create and deliver Product Security awareness campaigns and other communications is required
- Must possess understanding of pen testing, vulnerability scanning, CVSS and/or other general security testing principles with the ability to provide specific recommendations on how to fix resulting vulnerabilities.
- Understanding embedded operating system security patching and vulnerability assessment is required
- Ability to work autonomously and proactively seek out security opportunities within DPS will be required
- Big Picture/Attention to Detail – align strategic and tactical.
- Must be results oriented and ability to drive to timelines
- Excellent interpersonal skills are required
- Creative problem-solving skills and strong customer focus (internal & external) is required
- Excellent communication and collaboration skills, able to network, interact and influence at all levels of the organization, cross sector, cross-functionally and globally is required
- Must possess consistent record to influence/collaborate to get to desired result, and strong leadership skills are required