A global leader in medical technology and research is seeking a staff-level Product Security Software Engineer to lead risk assessments and guide vulnerability remediation within their software engineering division. This position will interface with other technical teams across product development, security operations, and quality control.
- Work with software development teams to evaluate product designs and offer remediation solutions; serve as a security liaison and mentor for software engineers.
- Lead product security risk assessments throughout the Software Development Life Cycle (shift-left).
- Implement security solutions in accordance with evolving industry standards for encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
- Lead architecture/design reviews and code analysis procedures and demonstrate proper secure coding practices.
- Assist security teams in Incident Response and Penetration Testing and help create Security White Papers.
- 7+ years related experience in product security/Secure SDLC; 5+ years hands-on secure software development experience preferred.
- Advanced knowledge of secure coding and cybersecurity standards including: NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT.
- Familiar with product security solutions including threat modeling and code analysis tools.
- Demonstrated networking security, TCP/IP, encryption, and socket development experience.
- B.S. in Computer Science or related technical field required; relevant certifications preferred.
- Experience working in a regulated (FDA preferred) environment with medical instrumentation is a plus
This is a 100% Remote role. Candidates must be located in the United States and authorized to work without sponsorship. Be a part of something bigger - apply today!