No more applications are being accepted for this job

Staff Product Security Engineer - Boston, United States - Source One Technical Solutions

Source One Technical Solutions Boston, United States

2 weeks ago

Description

Source One Technical Solutions is seeking a qualified Staff Product Security Engineer for a global pharmaceuticals company based in Raynham, MA for an exciting consulting opportunity

No C2C or sponsorships availableTitle:
Staff Product Security Engineer (Contractor)

The contract duration is initially 8 months with likely extension40 hours, Mon-FriDescription:
The Product Security and Services team within the Information Security & Risk Management (ISRM) is recruiting for a full-time Staff Product Security Engineer to join the ISRM Product Security-DPS team to provide support for an orthopedics portfolio, with preference for US office locations in Palm Beach Gardens, FL, Boston, MA and/or Raynham, MA

Position Summary:
Implementation of enterprise Product Security strategy and framework throughout orthopedics portfolio.

Identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to senior management, identifying communications plans and raising overall awareness of the capability.

Supporting DPS R&D throughout a new products development phases, review product security requirements and recommend security design solutions, help complete Quality documentation, threat modelling, penetration testing, software architecture review and design recommendations, code analysis and other security testing or work as needed.

Post market responsibilities for DPS marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements.

Support Global Product Securitys framework.

Help drive Product Security strategy and goals within DPSPartner with internal organizations to improve existing processes and policiesCreate and present Product Security metrics to senior managementHelp carry out Product Security governance model for pre and post market devices.

Create remediation plans and assist the DPS engineering team with remediation.
Respond to customer questionnaires and contractual language.
Perform other work-related duties as assigned.

Qualifications:
Minimum of a Bachelors degree is required, MS and/or advanced degree is preferredA minimum of 6 years of experience in security and/or embedded software engineering functions is requiredKnowledge of product or medical device security is preferredExperience working with cloud based IoT management solutions is preferredUnderstanding of Quality Design Control processes and FDA submission process is preferredCISSP, CEH, MCSD, CSSLP or other certifications are preferredIntimate knowledge of real-time operating system (i.e.

QNX, Linux, Windows Embedded) hardening techniques are requiredAbility to provide secure coding recommendations is requiredKnowledge in at least one coding language (i.e.

C/C++, C#) with code review experience is requiredSoftware engineering experience including securely building embedded applications is requiredAbility to create and deliver Product Security awareness campaigns and other communications is requiredMust possess understanding of pen testing, vulnerability scanning, CVSS and/or other general security testing principles with the ability to provide specific recommendations on how to fix resulting vulnerabilities.

Understanding embedded operating system security patching and vulnerability assessment is requiredAbility to work autonomously and proactively seek out security opportunities within DPS will be requiredBig Picture/Attention to Detail align strategic and tactical.

Must be results oriented and ability to drive to timelinesExcellent interpersonal skills are requiredCreative problem-solving skills and strong customer focus (internal & external) is requiredExcellent communication and collaboration skills, able to network, interact and influence at all levels of the organization, cross sector, cross-functionally and globally is requiredMust possess consistent record to influence/collaborate to get to desired result, and strong leadership skills are required#J-18808-Ljbffr