Cyber Security Engineer

Overview

On Site
$50 - $57
Contract - W2
Contract - 06 Month(s)

Skills

Cybersecurity
NIST
Python
incident response
vulnerability
risk assessment

Job Details

Title: Cyber Security Engineer

Location: Wauwatosa, WI 53226 - Hybrid

Duration: 06+ Months

Position Summary:

Overview
We are seeking a skilled Cyber Security Engineer (contract) to fill a key role within General Imaging (GI) Ultrasound, with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities.

Key Responsibilities
Installed Base and Commercial Support
Cyber Support activities:
o Complete DoD monthly security scans
Complete remediation actions and prepare quarterly POAM review
Ready solutions for open issue closure per schedule
o Support commercial and installed base inquiries
Vulnerability Management
Vulnerability analysis and issue mitigation
o Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components
o Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment
o Engage in incident response methods, lead incident response processes related to product cyber
o Create and track meaningful metrics around product cyber risk and compensating controls
o Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR)
o Develop and design innovative cyber security solutions for unique and complex technologies
o Assess and investigate specific threats in terms of severity and impact
o Create detailed reports on vulnerabilities, bugs, and design flaws
o Create vulnerability and incident trend analysis to improve product design
o Automate cyber trending and change detection
Design an early detector, of changes in security status with the ability to compare SBOM, SCAP and NESSUS results against a baseline

Product security
o Engage and administer End of Life processes for digital products
o Consult architects on security requirements and utilize best practices to meet requirements.
o Engage in application and domain-specific threat modeling and attack surface analysis/reduction
o Prepare reports at appropriate levels of confidentiality for stakeholders to view

Qualifications
Bachelor s degree in computer science or STEM Majors (Science, Technology, Engineering and Math) with minimum of 6 years of professional experience including Cyber Security
Certification in the Privacy, Security & Regulatory domain or related certification
Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code
Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic
Hands-on experience working with Windows and Linux based systems
Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others)
Business Acumen: Able to translate vulnerability information into business risks relevant to our customers
Good understanding of workflow in the healthcare industry
Knowledge of ultrasound or demonstrated experience with development of medical device software
Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance
Experience with secure coding principles; code signing and secure boot
Experience with penetration testing and ethical hacking
Demonstrated ability to work with blended Agile teams, including global teams
Excellent communication, facilitation, and documentation skills

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.