Principal Product Security Engineer - Embedded (REMOTE)
Michigan, Virtual Address
Applications have closed
Who We Want:
The Principal Product Security Engineer will be a valued professional within the Stryker Product Security organization. They will work with product development team members during the systems development processes to guide product teams with security controls through concept, requirements, design and build phases of new/evolving product. This Engineer will focus mainly on embedded devices, but can support cloud, mobile devices (iOS, Android, and others) in the IoT ecosystem, to shape how the security of Stryker products is defined before release to market. This role will drive the consistent generation of threat models, security requirements, aligned design, build and configuration of products through definition and execution of validation, verification, and post-market processes, as needed throughout the product lifecycle.
What You Will Do:
Technical Responsibilities:
- Collaborate with product teams to assess security risks and drive design decisions for new and evolving products and related systems.
- Guide product development teams in completing threat models as input into security risk analysis processes.
- Assemble Security requirements applicable to the new or evolving product under consideration.
- Support the Security Assurance team working with product teams to guide the generation of software bills of material for a variety of medical device technologies.
- Support product security incident response (PSIRT) teams, when needed, so they can effectively address (contain or remediate) and then document security incidents.
- Draft internal and external communications summarizing details concerning security concepts used in requirements, design, and build phases related to medical products and related systems.
- Provide product security guidance and leadership to internal taskforce teams.
- Develop and deliver presentations and communications to clearly convey complex technical topics up to next level leaders.
- Recommend efficiency and process improvements.
Knowledge and Capabilities:
- Thorough understanding of the current revisions of FDA, NIST, ISO, IEC and other related security frameworks.
- Proven experience building successful working relationships with internal and external personnel in various departments.
- Expertise in applying security control frameworks, threat modeling, and scoring the severity of security threats and vulnerabilities.
- Experience analyzing and selecting embedded hardware that enabled security controls to be established, along with designing secure products, as part of a broad eco-system (embedded devices + clouds + mobile devices) in the IoT ecosystems that healthcare providers need and expect to support safety.
What You Will Need:
Basic Qualifications:
- Bachelor's Degree in product security, computer science, mathematics, statistics, or related field
- 8+ years of applicable (product) security work experience
Preferred Qualifications:
- Master’s degree in security related discipline
- Understands quality management systems, preferably in the healthcare, medical device, or industries that leverage cyber-physical systems.
- Experience implementing secure technologies in embedded devices, clouds and mobile devices using secure controls, including but not limited to transport and communication protocols.
- One or more active, industry recognized, and relevant cybersecurity certifications.
- $126k - $279k salary plus bonus eligible + benefits. Actual minimum and maximum may vary based on location. Individual pay is based on skills, experience, and other relevant factors.
Tags: Android C Cloud Computer Science Incident response iOS IoT Mathematics NIST Product security PSIRT Risk analysis Vulnerabilities
Perks/benefits: Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs