Staff Engineer Product Security, Design
Karnataka, Bengaluru Bridge+ Unit No. 2, India
What you will do:
You will support cybersecurity risk analysis and threat modeling and develop mitigation strategies to develop secure medical products.
You will work closely with cross-functional teams, including Quality, Regulatory, and Marketing, in driving alignment around product Cybersecurity, HIPAA, and GDPR compliance.
You have experience designing and implementing security architectures for complex software products and systems.
You possess in-depth knowledge of security technologies and best practices, including cryptography, secure coding, and threat modeling.
You will support or lead in all product hardware and software security facets, including systems hardening, automated and manual penetration testing, automated vulnerability scanning for compliance, and issue remediation.
You will lead manual and automated code reviews for complex embedded and clinical application software to identify security flaws.
You will develop and implement security policies and procedures to ensure compliance with industry standards.
You will integrate automated security testing into all phases of SDLC & automate routine tasks and extract valuable data using various scripting languages like PowerShell, Ruby, or Python.
Required Qualifications (Required):
Bachelor's degree in Software Engineering/ Computer Science or related discipline & 6+ years of work experience
Experience with threat modeling and risk assessment.
Experience with security requirements, data security, malware analysis, vulnerability assessment, and penetration testing using off-the-shelf tools and techniques is preferred.
Understanding one or more security standards/frameworks like NIST 800-53, IEC80001-2-8, IEC 27002, ISO 27799, IEC 15408-2, and IEC 62443-3-3.
Preferred Qualifications (Strongly desired):
Solid understanding of Linux operating systems.
Experience in securing medical devices or embedded devices & understanding of networking concepts.
Understanding quality standards like IEC 62304, IEC 60601, and 21CRF 820.
Security certifications such as CISSP-ISSAP, CCSP, OSCP or CEH are a plus.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CCSP CEH CISSP Compliance Computer Science Cryptography GDPR HIPAA IEC 62443 Linux Malware NIST NIST 800-53 OSCP Pentesting PowerShell Product security Python Risk analysis Risk assessment Ruby Scripting SDLC
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.