Embedded Software Security development engineer

Job Title

Embedded Software Security development engineer

Job Description

Emergency Care Business:

In late January, we announced that Bridgefield Capital signed an agreement to acquire Philips’ Emergency Care business which includes leading brands and products like HeartStart AEDs, Intrepid and DFM100 monitor defibrillators, Tempus monitor and Tempus ALS systems, and Corsium and ECI informatics solutions. We expect the transaction to close at the end of 2025. 

With Bridgefield’s support and building on our 40+ year legacy of growth and innovation in emergency medical technology, the Emergency Care business will continue passionately pursuing our mission of saving lives, lowering the cost of healthcare, and advancing the science of resuscitation while serving the public access AED, EMS, military, and hospital market segments.

Embedded Software Security Development Engineer

This is an individual contributor role. As part of the Emergency care Embedded team, the Embedded Security development and Test Engineer would –

Your role:

• Develop embedded software for required security in project.
• Perform comprehensive embedded software security Testing.
• Understand and analyze the embedded software from a security point of view.
• Understand the application security risks and Threat modeling of applications
• Create and execute the corresponding security development and test cases to develop and verify the mitigations and their proper implementation in the application.
• Able to guide and support development teams to fix the security vulnerabilities in the code.

You're the right fit if:

Educational Qualifications:

BE/B. Tech or ME/M. Tech in Embedded/Electronics/Computer Engineering or equivalent from an accredited university or similar would be preferred.

Required experience:

• 8+ years of security experience including responsibility for the security of an embedded software application and IT infrastructure including defining product security roadmap
• Experience in Programming language C++
• Microprocessor/Microcontroller development – Strong Knowledge and working experience on STM etc. microcontrollers (domain knowledge for designs SW, HW)
• Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).
• Experience in assessing security of-iaas, paas, saas platforms would be helpful
• Experience in wireless communications technologies like Bluetooth, NFC, LTE Modem etc.
• Product/Information security experience in all phases of service development and deployment including architecture, design, development, testing, release, and operational maintenance
• Incident management, including analysis and response
• Experience in designing security solutions.
• Global working experience in enterprise application development & Cloud Computing
• Preferred experience
• Experience in the healthcare sector and HIPAA would be
• Experience leading change management systems
• Experience with NIST 800-53
• Ideal candidate would have worked on the software development initially and then graduated in to either -S/W architecting/security assessments ensuring security in the product design

Required skills:

• Excellent Cyber Security capabilities
• Strong knowledge of secure software development lifecycle and practices such as threat modelling, security reviews, penetration tests, and security incident response 
• Understanding security by design principles and architecture level security concepts
• Exposure to privacy requirements
• Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities 
• Excellent communication and leadership skills 
• Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
• Understanding of Security RFCs, ability to craft security testing scenarios for the underlaying product features.  
• Knowledge of current privacy global regulatory landscape and self-regulatory frameworks including but not limited to GDPR, HIPAA, ISO, EU data protection
• preferred skills
• Sound security engineering knowledge (technical) so as to work collaboratively with the Tech Leads and software/products architects to ensure secure Products
• Knowledge of information system architecture and security controls (e.g., firewall and border router configurations, wireless architecture, specialized appliances)
• Sound implementation Knowledge of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA), OATH authentication, 2FA

Preferred certification/s

Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP,  CISSP, CISM, CIPP, CIPT, CIPM, or SABSA,CEH,ECSA ,LPT,OSCP
 

How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week.

This role is an office based role.

About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about our business.
• Discover our rich and exciting history.
• Learn more about our purpose.

If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our commitment to diversity and inclusion here.

#LI-PHILIN