- Bachelor's Degree in Engineering (Computer, Electrical, Computer Systems, Systems, or Software), Computer Science, or related discipline
- 1-3 years of Cybersecurity Engineering, software engineering design and development, or systems administration experience
- Experience in assessing and remediating cybersecurity vulnerabilities
- Demonstrated knowledge and experience working with C++, Python, Perl, or Shell
- Experience with OpenSSL, TLS mutual authentication, digital signatures, certificate management
- Previous experience working in a regulated industry such as automotive, aerospace, healthcare, or defense
- Excellent verbal and written communication skills, with ability to communicate to all levels of the organization
Preferred Qualifications:
- Master's Degree in Engineering (Computer, Electrical, Computer Systems, or Software), Computer Science, or related discipline
- Experience in Linux system administration on RHEL or similar distributions
- Well versed in FDA Cybersecurity Guidance, GDPR, and NIST
- Familiar with DISA STIG assessment and implementation for Linux and/or Windows systems
- Knowledge of secure programming practices
- Experience in threat modeling, cybersecurity risk assessment, or Off The Shelf Software (OTS) assessment
- Cybersecurity certification such as CISSP, CSSLP, or similar
- Knowledge of 62304 and other standards applicable to Class II and Class III medical devices
Primary Responsibilities:
- Optimize product/system security by creating and reviewing software architecture and detailed design solutions that reflect best practices.
- Identify and implement software improvements needed to effectively protect against and respond to known and emerging cybersecurity threats.
- Perform or support security testing such as penetration tests, fuzz testing, and internal/external audits. Coordinate remediation as necessary.
- Work with Software Development, Systems Engineering, Product Security, and other stakeholders to develop cybersecurity controls.
- As a team member, contribute significantly to completion of various project activities, from definition, identifying software functional requirements, implementation, code reviews, and final release according to medical device development processes