Product Security Engineer
Hudson , MA 01752 US
Title: Senior Product Security Engineer
Hiring Organization: Connexion Systems & Engineering
- Duration: PERM
- Pay rate: 155-165k
- Job Location: Hudson, MA (Hybrid)
- Job# 15850
Senior Product Security Engineer to join the Global R&D engineering team in the MA office headquarters to be a member of a team that creates, designs, and tests highly complex medical devices. As the Senior Product Security Engineer, you will lead software security in the company’s products and services. You will evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static /dynamic code analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk. In this role, you will participate in a full medical software development life cycle and adhere to a Medical quality management system.
Essential Job Functions
- Design and Implement software security solutions in accordance with industry-accepted standards for cryptography engineering, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
- Develop and administer software engineering procedures and training for vulnerability scans and static /dynamic code analysis.
- Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers.
- Monitor product security remediation efforts to successful completion including the development of supporting evidence and documentation.
- Participate in company-wide product security initiatives as necessary.
- Participate in all Software Development Life Cycle phases.
- Manage and document OTS/SOUP.
- Responsible to develop and write software security requirements and related documentation.
- Work closely with test engineers to support the development and modification of security related test cases.
- Write code according to professional and established standards.
- Mentor software team members in areas of cybersecurity.
- Design and integrate security into client DevOps.
- Effectively communicate verbally and in writing across multiple Global functions and levels of the organization
- Work with cross functional teams and be familiar with business vision and requirements.
- Be a great team player!
- Degree in in Engineering (Computer, Software, Electrical), Computer Science or other related Engineering discipline .
- 7 + years’ experience in developing complex multi-threaded web/ desktop application s using C# .NET .
- 5+ year experience in working with major cloud provider (Azure, AWS, GCP).
- Knowledge of common security standards and best practices, such as NIST 800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards .
- Knowledge of medical devices security standards and best practices , such as TIR57, TIR97, UL2900-1/2 , ISO/IEC 15408, various FDA guidance and standards for Cybersecurity.
- Knowledge of Windows hardening techniques .
- Deep understanding of Threat Modeling techniques.
- Experience in working with design patterns.
- Experience in developing automate d software unit tests.
- Experience in Continuous Integration/Continuous Deployment (CI/CD) .
- Expert knowledge in GIT source control .
- Experience in the participation in Software Development Life Cycle phases (IEC 62304) .
- Ability to understand and resolve problems at both system and code levels.
- Excellent communication skills .
Preferred, nice to have :
- Experience in design/development of complex medical device SW is a big plus (IEC 62304) .
- Experience with server less applications , databases or IoT SW solutions .
- Experience working in a regulated environment and adhering to a quality management system .
- Experience working with embedded systems, RTOS .
- Cybersecurity certifications , preferably CISSP
Please use the apply button to submit your resume for consideration. A Connexion Representative will contact you immediately.
When responding to this job posting you MUST include the Job# and Job Title in your subject line.
If you are active in a job search but this job is not for you, please reach out to . We would be glad to help you find the perfect job!