R&D Cybersecurity Engineer
Spectraforce
St. Paul, Minnesota
5 hours ago
Job Description
Job Title: R&D Cybersecurity Engineer
Location: St. Paul, MN 55117 (Hybrid)
Duration: 6+ Months with possible extension
The top 3 skills are:
• Experience with FDA Medical device cybersecurity secure by design activities and regulations
• Vulnerability management and assessment as it pertains to medical device use cases
• Creation and management of secure design requirements for connected and non-connected medical devices.
Responsibilities:
• Responsible for providing secuirity engineering support in the creation and the development of new medical device products (invasive and non-invasive).
• Responsible for compliance with applicable Corporate and Divisional Policies and procedures.
• Researches, develops, designs, and evaluates cybersecurity risk mechanical and electro-mechanical materials, components, assemblies, processes and/or equipment.
• Conducts and oversees cybersecurity testing and validation activities to verify capability and functionality. Develops new concepts from initial design to market release.
• Utilize Product Development Software Cybersecurity resources and work with a cross-functional team to develop threat models, requirements, architecture, design, implementation, and maintenance of Medical Security Software for Electrophysiology Products focused on Embedded systems.
• Assess the cybersecurity risks of new products and features as well as identify potential interactions with existing products and features.
• Perform Activities and Deliverables related to Cybersecurity for Electrophysiology Product Development, including Threat Modeling and Risk Management (as it pertains to cybersecurity).
• Stay abreast of cybersecurity threats and trends and manage appropriate responses to threats and trends;
• Contribute to the team on the development of cybersecurity maintenance process of various products within Electrophysiology.
• Collaborate with Systems, Electrical, Software Systems, Software Test and Automation, Quality, Regulatory and Manufacturing teams to ensure that all cybersecurity activities and deliverables are completed on time and in accordance with the Electrophysiology Division Procedures and FDA and other regulatory requirements.
• Use Cybersecurity frameworks to standardize cyber security function for their development and delivery.
• Work with external resources to plan and execute Security Activities (like Penetration Testing) on various products.
Requirements:
• Bachelor’s degree in software engineering, computer engineering computer science, or a related engineering field (Master’s degree in software engineering, computer engineering or computer science preferred).
• Experience with Software Development within the regulated medical field, preferably product development cybersecurity.
• Hands-on Experience with Threat Modeling (STRIDE) and other cybersecurity activities.
• 7+ years of software development experience.
• 5+ years of security experience.
• Strong knowledge of Cybersecurity Architecture, Design, Implementation, Concepts and Technologies.
• Experience with industry standard security frameworks like NIST, OWASP, ISO etc…
• Experience with global medical device regulations like FDA, EU-MDR, CFDA etc…
• Experience in at least 1 of the following domains: information security risk management, compliance, platform security, network security, cloud security, application security, embedded device security.
• Experience with visual modeling/design, multi-threading, formal software development methodologies, and source code management.
• Experience in working in an iterative Agile development process.
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 52.00/hr.
Location: St. Paul, MN 55117 (Hybrid)
Duration: 6+ Months with possible extension
The top 3 skills are:
• Experience with FDA Medical device cybersecurity secure by design activities and regulations
• Vulnerability management and assessment as it pertains to medical device use cases
• Creation and management of secure design requirements for connected and non-connected medical devices.
Responsibilities:
• Responsible for providing secuirity engineering support in the creation and the development of new medical device products (invasive and non-invasive).
• Responsible for compliance with applicable Corporate and Divisional Policies and procedures.
• Researches, develops, designs, and evaluates cybersecurity risk mechanical and electro-mechanical materials, components, assemblies, processes and/or equipment.
• Conducts and oversees cybersecurity testing and validation activities to verify capability and functionality. Develops new concepts from initial design to market release.
• Utilize Product Development Software Cybersecurity resources and work with a cross-functional team to develop threat models, requirements, architecture, design, implementation, and maintenance of Medical Security Software for Electrophysiology Products focused on Embedded systems.
• Assess the cybersecurity risks of new products and features as well as identify potential interactions with existing products and features.
• Perform Activities and Deliverables related to Cybersecurity for Electrophysiology Product Development, including Threat Modeling and Risk Management (as it pertains to cybersecurity).
• Stay abreast of cybersecurity threats and trends and manage appropriate responses to threats and trends;
• Contribute to the team on the development of cybersecurity maintenance process of various products within Electrophysiology.
• Collaborate with Systems, Electrical, Software Systems, Software Test and Automation, Quality, Regulatory and Manufacturing teams to ensure that all cybersecurity activities and deliverables are completed on time and in accordance with the Electrophysiology Division Procedures and FDA and other regulatory requirements.
• Use Cybersecurity frameworks to standardize cyber security function for their development and delivery.
• Work with external resources to plan and execute Security Activities (like Penetration Testing) on various products.
Requirements:
• Bachelor’s degree in software engineering, computer engineering computer science, or a related engineering field (Master’s degree in software engineering, computer engineering or computer science preferred).
• Experience with Software Development within the regulated medical field, preferably product development cybersecurity.
• Hands-on Experience with Threat Modeling (STRIDE) and other cybersecurity activities.
• 7+ years of software development experience.
• 5+ years of security experience.
• Strong knowledge of Cybersecurity Architecture, Design, Implementation, Concepts and Technologies.
• Experience with industry standard security frameworks like NIST, OWASP, ISO etc…
• Experience with global medical device regulations like FDA, EU-MDR, CFDA etc…
• Experience in at least 1 of the following domains: information security risk management, compliance, platform security, network security, cloud security, application security, embedded device security.
• Experience with visual modeling/design, multi-threading, formal software development methodologies, and source code management.
• Experience in working in an iterative Agile development process.
Applicant Notices & Disclaimers
- For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 52.00/hr.