Job Description

Cyber Security Architect

This is a remote position.

As the Cyber Security Architect you will partner with our product development and engineering organizations to enable them to build and enhance security in the Diabetes care and Digital Health products and services.

The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems.

You will evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static code analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk. The Cyber Security Architect will participate in a full medical software development life cycle and adhere to a quality management system.

In this role you will be responsible for:

• Design and implement software security solutions in accordance with industry accepted standards for encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
• Develop and administer software engineering procedures and training for vulnerability scans and static code analysis
• Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers.
• Keep abreast of advances in secure system design and development practices, threats and threat actors, and new attack techniques or areas of security research, and provide guidance to the product organizations to help them avoid or mitigate future security concerns.
• Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers
• Participate on product security incident response teams.
• Interface with other technical departments such as Penetration Testing Team, Systems and Hardware Engineering
• Interface with Quality and Technical Service
• Demonstrate proper secure coding practices driving standards within the software engineering organization
• Lead technical design reviews and code inspections. Provide clear, actionable feedback for project team members

To be successful in this role, you require:

• Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards
• Knowledge of Windows networking fundamentals (IP protocol, switches, routers)
• Demonstrated understanding of developing in a regulated environment and adhering to a quality management system
• Excellent written and verbal communication and interpersonal skills are essential
• Demonstrated positive work ethic with a strong commitment to achieving project goals

Education and experience required:

• BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field is required
• Minimum of 5 years of experience in software development, systems & architecture concepts and designs
• Minimum of 5 years work experience implementing security controls in software
• Minimum of 5 years work experience with C#/.NET development
• Minimum of 3 years work experience using secure coding practices

Job Tags

Similar Jobs