Apply Now

Lead Product Security Engineer - Locals only

Jersey City, NJ, US • Posted 21 hours ago • Updated 21 hours ago

Contract Independent

Contract W2

No Travel Required

On-site

$55 - $60/hr

Fitment

Dice Job Match Score™

🫥 Flibbertigibetting...

Job Details

Skills

Cyber Security
C
C#
C++
CISSP
API
Agile
Amazon Web Services
Certified Ethical Hacker
Code Review
FedRAMP
JFrog
Medical Devices
Microservices
Microsoft Windows
Python
QNX
Robotics
Regulatory Compliance
SAP BASIS
Security QA
Real-time
Security Controls
Ubuntu
Threat Modeling

Summary

Experience: 12+ Years

Job Description:
We are searching for top talent for Lead Product Security Engineer. The preferred locations for this role are San Jose, California; Cincinnati, Ohio; and Raritan, New Jersey. Remote opportunities in the US are available on a case by case basis and if approved by the company. This role may require up to 10 - 20% travel.

The Lead Medical Device Cybersecurity Engineer will be responsible for implementation of the customer''''s enterprise Product Security strategy and framework for the customer''''s MedTech Surgery Ottava Robotic Platform. This includes identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to Ottava management, identifying communications plans and raising overall awareness of the capability.

Specific responsibilities include supporting Ottava’s R&D throughout a new product’s development phases, review product security requirements and recommend security design solutions, ensure the team completes Quality documentation, threat modelling, security risk assessment, penetration testing, software architecture review and design recommendations, code analysis and other security testing or work as needed.

Additionally, post market responsibilities for Ottava’s surgical robotic platform marketed devices include monitoring for new vulnerabilities, leading the product security teams with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements.

Key Responsibilities:
Help drive adherence to the customer''''s Product Security’s overarching framework
Partner with internal organizations to enhance existing processes and policies
Create and present Product Security metrics to management within Ottava and ISRM
Champion Product Security strategy and objectives across the Ottava Robotic Platform
Engaged as a subject matter expert to support completion of product security activities, tasks, deliverables, documentation, approvals, and product security controls. 
Responsible for defining security requirements for the product and associated applications
Responsible for reviewing the Threat Model and Security Risk Assessment in collaboration with Systems Engineering.
Responsible for supporting the FDA pre-market cybersecurity documents (as needed) and collaborating with regulatory compliance stakeholders and activities.
Responsible for the facilitation and assessing any third parties’ penetration testing and/or validation services. 
Perform regular reviews and analysis of security reports and issues, propose solutions where appropriate and lead their remediation.
Respond to alerts, security incidents, and assist in remediation as needed.
Respond to customer cybersecurity questionnaires for all post-market medical devices.
Other MedTech cybersecurity related duties as needed
Qualifications:

Required:
At least 5 years IT or cybersecurity experience and at least 2 years of product security experience
Bachelor’s degree or equivalent experience
Understanding of penetration testing, vulnerability scanning, CVSS and/or other general security testing principles
Ability to provide secure coding recommendations
Knowledge in at least one coding language (i.e. C/C++, C#, Python) with code review experience highly preferred
Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
Knowledge of traditional and real-time operating systems (i.e. QNX, Windows Embedded, Ubuntu, Yocto) hardening techniques
Ability to translate technical security requirements into solutions
Creative problem-solving skills
Customer focus (internal & external)
Excellent communication and collaboration skills
Preferred Skills:

Understanding of Quality Design Control processes and FDA submission processes.
Hands-on experience with software security tools and platforms like Checkmarx, Black Duck, Jfrog Xray, etc.
Hands-on experience with vulnerability assessment tools.
Knowledge of product or medical device security or MDDS platforms.
Working knowledge of microservices architecture and API security.
Experience working within Agile methodology.
Software development experience
Experience leading or participating in formal security audits (i.e. HITRUST, SOC2, FedRAMP)
Security certification like CISSP/ AWS Security Specialist/ CEH or CSSLP a strong plus.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91163556
Position Id: 8945755
Posted 21 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Application Security Analyst

Brooklyn, New York

•

Today

Job Title: Application Security Analyst Location: Brooklyn, NY (Onsite) Duration: 36 Months Work Hours: 35 hrs/week Job Summary: The Application Security Analyst will embed security into every phase of the software development lifecycle for our client. This role focuses on threat modelling, vulnerability assessments, SAST/DAST scanning, CI/CD security integration, and compliance with major security frameworks while using industry-leading security tools. Required Qualifications: 8+ years of ex

Easy Apply

Contract, Third Party

Application Security Engineer

Brooklyn, New York

•

Yesterday

Contact Details: 1. Yashodatta Deshpande Email: Cell: 2.Saravanan Ganesan Email: Cell: Job Title: Application Security Engineer Location: Brooklyn NY 11201 (The position will be 3-day onsite hybrid) Duration: 12 months+ Years of Experience: 10+ Years Required Hours/Week: 35Hours/Week Note: local candidates only & F2F Interview Job Overview: The Application Security Engineer is embedded within the Application Development team and ensures security is integrated into all stages of software dev

Easy Apply

Contract

Senior Product Security Engineer

New York, New York

•

11d ago

{"description": "StubHub is on a mission to redefine the live event experience on a global scale. Whether someone is looking to attend their first event or their hundredth, we're here to delight them all the way from the moment they start looking for a ticket until they step through the gate. The same goes for our sellers. From fans selling a single ticket to the promoters of a worldwide stadium tour, we want StubHub to be the safest, most convenient way to offer a ticket to the millions of fans

Full-time

USD 200,000.00 - 250,000.00 per year

Cyber Security Engineer

New York, New York

•

Today

Software Guidance & Assistance, Inc., (SGA), is searching for a Cyber Security Engineer for a CONTRACT assignment with one of our premier Financial Services clients in Midtown Manhattan, NYC. Hybrid: 2-3 days/week in the office. Position Overview We are seeking a Cyber Security Engineer to take ownership of security engineering and operations across a complex, multi-environment landscape. This role sits at the intersection of hands-on engineering and strategic execution, focused on buildin

Contract

USD 80.00 - 90.00 per hour

Search all similar jobs