Senior Product Security Engineer

What if the work you did every day could impact the lives of people you know? Or all of humanity?

At Illumina, we are expanding access to genomic technology to realize health equity for billions of people around the world. Our efforts enable life-changing discoveries that are transforming human health through the early detection and diagnosis of diseases and new treatment options for patients.

Working at Illumina means being part of something bigger than yourself. Every person, in every role, has the opportunity to make a difference. Surrounded by extraordinary people, inspiring leaders, and world changing projects, you will do more and become more than you ever thought possible.

Reporting to the Senior Manager, Product Security, the Sr Product Security Engineer (PSE), is a critical role at Illumina in ensuring the manufacturing of our physical medical devices and software solutions development are secure. This position requires experience, knowledge, and skills in the areas of software, embedded systems, medical devices and manufacturing security.  The individual will be responsible for delivering the pre-market security initiatives of solutions including Illumina medical instruments and connected software before they are released to customers.

Position Summary
The Product Security Team is looking for a talented Sr Product Security Engineer to help us strengthen our world-class business. As a valued team member, you will define, identify, evaluate, and maintain controls, providing visibility into the health, and security of our products.  

You will be collaborating closely with engineering, development, and technology groups to define and maintain medical device security and extend modern technologies through manufacturing. The Staff Security Engineer will be responsible for testing and validating components of the genomic sequencing products, software and interconnected solutions that take product security to the next level.  You are highly motivated to integrate security capabilities into continuous release planning and execution for all Illumina products. 

Responsibilities

• Perform security testing of physical medical devices and interconnected cloud services. 
• Conduct product threat modeling exercises with development teams and provide expertise in risk remediation.
• Write security testing reports summarizing results for manufacturing process systems and software validation projects.
• Develop and communicate expectations for continuous vulnerability management: identification, triage, analysis, and remediation recommendations.
• Evaluate existing controls to identify gaps and areas for improvement
• Consult with Engineering and Development Teams on complex security problems.
• Perform independent security research on genomic sequencing devices.
• Drive security by turning findings into actions and deliverables.
• Understand attack methods and vectors then translate those into test cases that may exploit software weakness or logic flaws and provide direction to development to resolve the issues
• Document regulatory requirements for submission of products in development.
   

Requirements

• Minimum 3+ years of application and product security experience with track record of delivering processes and solutions based on industry standard security concepts and best practice frameworks. 
• Experience with medical device security testing.
• Work collaboratively with other engineers to automate software test cases within a maintainable test automation environment
• Work with software developers, scientists, and domain experts in understanding requirements of the software and translating to test cases and automated test scripts
• Understanding of OWASP Top 10 Web Application Vulnerabilities.
• Proficient with Linux shell, PowerShell, Perl and/or Python
• Coding experience with one or more of the following: .Net, Java, Perl, JavaScript
• Experience with software security tools like nMap, Wireshark, Kali Linux, OpenVAS
• Effective communicator delivering key messages to team stakeholders, and business partners using informative clear verbal and written communications
• Experience with a medical device manufacturer or other relevant Regulated industry highly preferable
   

Education

• Bachelor’s degree in computer science, engineering, or similar and relevant work experience
• Professional qualifications highly preferred.  Example: CISSP, CISM, CSSLP, or OSCP.

Illumina believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.