Embedded Product Security Engineer II- Medical Device (Remote)

Requisition ID:          62198 Title: Embedded Product Security Engineer II- Medical Device (Remote) Division: Arthrex, Inc. (US01) Location: Naples, FL Salary Range: Salary Minimum:   Salary Maximum:   

Seeking Embedded Software Engineers with an interest in cybersecurity wanting a career that positively impacts people lives!!

 

Arthrex is a global medical device manufacturer, and our mission is Helping Surgeons Treat Their Patients Better™.  The right candidate for this role will have some experience securing and pen-testing embedded or IoT devices along with a background in electrical engineering or software system design.  As our Embedded Product Security Engineer II, your day-to-day would be assisting our product design and development teams in securing connected and IoT medical devices.  You would take part in architecture reviews, grooming product security requirements, testing for vulnerabilities, and documenting the steps of our Secure Product Development Framework for use in regulatory submissions around the globe.  You will have the opportunity to attend training for security certifications and go to events like H-ISAC Conferences, DEF CON, and Black Hat.  And of course, you would get to help secure cutting-edge technology that has a positive impact in society!

 

We are open to this role sitting in our office in either of our Naples or West Coast facilities with a flexible hybrid work from home schedule.

 

Main Objective:  

• Responsible for product software and hardware design implementations from a cybersecurity perspective, and identifying and resolving security issues, including the appropriate security analysis, defenses, and countermeasures at each phase of the product lifecycle, to result in robust and reliable products.

    
Essential Duties and Responsibilities: 

• Designs security architecture of components or functional systems and modifies existing designs to develop or improve products.
• Recommends alterations to development and design to improve the security of products and/or procedures.
• Contributes to a broader design perspective and considers how an application interacts with the underlying infrastructure or external resources.
• Develops threat scenarios and designs responses for associated vulnerabilities to mitigate risk.
• Maintains design history file for assigned projects, adhering to Arthrex design control procedures.
• Determines the necessity of security testing and initiates testing of assigned products.
• Provides Regulatory department technical support for assigned projects as needed.
• Supports Marketing and Product Management with technical information to be used for training and marketing of assigned products. 
• Supports Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
• Supports surgeon and distributor customers in the sales process by educating and demonstrating security-focused aspects of assigned products as needed. 
• Partner with Legal, Compliance, Privacy, and Information Security departments to ensure products and staff comply with required laws, regulations, and policies.
• Reports progress and status of assigned projects on a timely basis.  
• May be required to travel; International travel may be required.

Knowledge:

• Frequent use and general knowledge of industry practices, techniques, and standards.  General application of concepts and principles.

 

Reasoning Ability:

• Develops solutions to a variety of problems of moderate scope and complexity.  Refers to policies and practices for guidance.

 

Skills:

 

• Working knowledge of custom Linux distributions would be a plus.
• Knowledgeable of System and Software Development Processes and Lifecycles required.
• Knowledgeable of application security best practices required.
• Experience securing operating systems with industry best practices
• Develops solutions to a variety of problems of moderate scope and complexity.  Refers to policies and practices for guidance.
• Knowledgeable of FDA and ISO guidelines for the development of medical devices preferred.
• Project management and communication skills training preferred.
• Experience in web application security and controls concepts preferred.
• Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred

Education/ Experience:

• 2 years of related experience required.
• Bachelor’s degree required.  Preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity.
   

 

 

 

Arthrex Benefits

• Medical, Dental and Vision Insurance
• Company-Provided Life Insurance
• Voluntary Life Insurance
• Flexible Spending Account (FSA)
• Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
• Matching 401(k) Retirement Plan
• Annual Bonus
• Wellness Incentive Program
• Gym Reimbursement Program
• Tuition Reimbursement Program
• Trip of a Lifetime
• Paid Parental Leave
• Paid Time Off
• Volunteer PTO
• Employee Assistance Provider (EAP)

 

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.