Senior Product Security Engineer

Company Description

At Intuitive, we are united behind our mission: we believe that minimally invasive care is life-enhancing care. Through ingenuity and intelligent technology, we expand the potential of physicians to heal without constraints.

As a pioneer and market leader in robotic-assisted surgery, we strive to foster an inclusive and diverse team, committed to making a difference. For more than 25 years, we have worked with hospitals and care teams around the world to help solve some of healthcare's hardest challenges and advance what is possible.

Intuitive has been built by the efforts of great people from diverse backgrounds. We believe great ideas can come from anywhere. We strive to foster an inclusive culture built around diversity of thought and mutual respect. We lead with inclusion and empower our team members to do their best work as their most authentic selves.

Passionate people who want to make a difference drive our culture. Our team members are grounded in integrity, have a strong capacity to learn, the energy to get things done, and bring diverse, real world experiences to help us think in new ways. We actively invest in our team members to support their long-term growth so they can continue to advance our mission and achieve their highest potential.

Join a team committed to taking big leaps forward for a global community of healthcare professionals and their patients. Together, let's advance the world of minimally invasive care.

Job Description

Primary Function of Position:

The Sr Product Security Engineer will contribute broadly to the Product Security Team and product development groups by conducting security testing and analysis of Intuitive Surgical products. The primary functions of the position include validation and verification of the security solutions and features in our current and next generation surgical robotic systems. The successful candidate must excel in a high-energy team environment and have a commitment to high product quality throughout the product lifecycle.

Responsibilities:

• Development of product security design validation and verification methodologies.
• Develop and execute product security test strategies and test plans.
• Contribute to security evaluation and threat assessments of a wide range of Intuitive Surgical products.
• Document and verify the existing security mitigations and identify if additional mitigations are required for Intuitive Surgical products.

Qualifications

Required Skills and Experience

• Minimum of 8 years of related experience and a Bachelor’s degree; or 6 years of experience and a Master's degree; or a PhD with 3 years of experience; or equivalent experience
• In-depth knowledge of security concepts regarding device, operating systems, firmware and software security
• Minimum of 3 years of experience with C/C++ development and scripting with Python and Bash
• Experience on security verification and testing associated with device interfaces including USB, JTAG, serial ports, UART, SPI, CANBUS, Ethernet and Wi-Fi
• Knowledge of TCP/IP, Networking and Public key cryptography
• Experience on security validation and verification practices, techniques, and tools such as Kali Linux, Wireshark, nmap, and Metasploit
• Experience with secure coding practices, code analysis and reviews, and vulnerability triage
• Familiarity with product security assessments, threat modeling, and risk analysis
• Security Certifications such as OSCP or CEH is a plus
• Excellent documentation and communication skills

Preferred Skills and Experience

• Experience with Medical Device Industry regulations pertaining to Cybersecurity
• Experience working with third-party penetration testing vendors

Additional Information

Due to the nature of our business and the role, please note that Intuitive and/or your customer(s) may require that you show current proof of vaccination against certain diseases including COVID-19.  Details can vary by role.

Intuitive is an Equal Employment Opportunity / Affirmative Action Employer. We provide equal employment opportunities to all qualified applicants and employees, and prohibit discrimination and harassment of any type, without regard to race, sex, pregnancy, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, genetic information or any other status protected under federal, state, or local applicable laws.

EEO and AA Policy

We will consider for employment qualified applicants with arrest and conviction records in accordance with fair chance laws.

Preference will be given to qualified candidates who do not reside, or plan to reside, in Alabama, Arkansas, Delaware, Florida, Indiana, Iowa, Louisiana, Maryland, Mississippi, Missouri, Oklahoma, Pennsylvania, South Carolina, or Tennessee.

We provide market-competitive compensation packages, inclusive of base pay, incentives, benefits, and equity. It would not be typical for someone to be hired at the top end of range for the role, as actual pay will be determined based on several factors, including experience, skills, and qualifications. The target salary ranges are listed.