Description
- Apply industry leading cyber security and privacy practices and standards to the digital product portfolio, including cloud, IoT, software, and mobile solutions.
- Perform cyber security risk management, including threat modeling, to ensure security and privacy by design and by default.
- Assist the project teams with technical security- and privacy-related guidance.
Perform / organize security assurance activities, such as penetration testing, vulnerability assessment, static code analysis, fuzzing, and (code) reviews. - Perform post-market vulnerability assessments and support incident response activities.
- Collaboration with cross-functional teams on project level
- Support and advice senior management regarding cyber security and privacy risks
Requirements
- Academic degree in computer science, information technology, IT security, or a related technical field
- Several years of experience in secure software development lifecycle (SDLC) activities, preferrable within the healthcare industry
- Good knowledge in conducting security risk assessments, including threat modeling.
- Familiar with DevOps, IT security, cryptography, and Secure SDLC activities
- Hands-on experiences with SAST, DAST, (code) reviews, penetration testing, and cloud solutions
- Experience in complying with cyber security and data privacy regulations, frameworks, and guidelines such as GDPR, HIPAA, MDR, FDA, NIST CSF, ISO 27k, CIS Controls, NIST SP 800-series, OWASP ASVA/MASVS or similar is desirable.
- Professional certifications such as CSSLP, CISSP, or others would be a plus.
- Experience in working in international teams.
- Fluent in English written and in spoken
Education
Any Gradute
- Posted On: Today
- Experience: 5+ years of experience
- Availability: Remote
- Openings: 1
- Category: Senior CyberSecurity Engineer
- Tenure: Contract - Corp-to-Corp Position