Description

Primary Duties and Responsibilities

• Partner with engineering teams (cloud, console, pump, etc.) to drive successful adherence to the product security program.

• Create, update, and mature product security processes.

• Deliver documentation for pre-market development activities, including security plans, architecture and data flow diagrams, threat models, requirements, SBOM, and risk documentation.

• Monitor and drive post-market vulnerability management activities, with adherence to strict timelines.

• Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc.

• Identify, research, evaluate, and integrate new compliance requirements and industry standards/trends into the product security program.

• Maintain relationships with Information Sharing and Analysis Organizations.

Job Qualifications

• Bachelor’s degree in Computer Science, Information Systems, or related field.

• 9+ years of industry experience in Information Security and/or regulatory compliance.

• Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO 27001, SOC2, HIPAA, GDPR).

• Experience with security risk management techniques and tactics.

• Experience working in a regulated environment, FDA-regulated preferred.

• Strong communication and interpersonal skills.

Education

Bachelor's degree