Sr. Product Security Engineer - Firmware

San Diego, California, United States

Applications have closed

Tandem Diabetes Care

Tandem Diabetes Care develops insulin pumps as well as other products and services for innovative, modern diabetes management.

GROW WITH US:

Tandem Diabetes Care creates new possibilities for people living with diabetes, their loved ones, and their healthcare providers through a positively different experience. We’d love for you to team up with us to “innovate every day,” put “people first,” and take a “no-shortcuts” approach that has propelled us to become a leader in the diabetes technology industry.

STAY AWESOME:

Tandem Diabetes Care is proud to manufacture and sell the t:slim X2 insulin pump with Control-IQ technology. We’re also so much more than that. Our company’s human-centered approach to design, development, and support delivers innovative products and services for people who use insulin. Since many of our own team members live with type 1 diabetes, or have a loved one impacted by diabetes, the work is personal, and we are committed to the cause. Learn more at tandemdiabetes.com.

A DAY IN THE LIFE:

This role is responsible for enhancing the security of our embedded devices and firmware, with a concentration on Tandem’s insulin pump products. It collaborates closely with cross-functional teams to ensure our products are designed, implemented, and tested to meet the highest standards of security. The primary objective of this role is to protect our company's digital assets and to safeguard the trust that patients and providers place in our products.

  • Perform thorough threat modeling and risk assessments for insulin pump products and related systems to identify and mitigate potential security risks.
  • Develop and maintain security requirements for embedded devices and firmware, ensuring they comply with industry standards and regulatory requirements.
  • Conduct security architecture reviews to evaluate and enhance the security posture of our products.
  • Collaborate with firmware and software development teams to integrate security best practices throughout the product development lifecycle.
  • Design and implement security test cases to validate the effectiveness of security controls.
  • Provide expert guidance on secure coding practices and assist development teams in remediating vulnerabilities and security issues.
  • Stay abreast of the latest security threats, vulnerabilities, and technologies relevant to embedded devices and firmware.
  • Develop and maintain documentation related to product security, including security architectures, threat models, and testing results.
  • Participate in incident response activities, assisting in the investigation and remediation of security incidents related to embedded devices and firmware.
  • Engage with external security researchers, customers, and industry partners to gather feedback and enhance the security of our products.
  • Ensure compliance with company policies, including Privacy/HIPAA, and other legal and regulatory requirements.
  • Perform other duties as assigned.

YOU’RE AWESOME AT:

  • Bachelor’s or Master’s degree in Computer Science, Engineering, Mathematics, or a related field or equivalent experience.
  • 10+ years of experience in product development, with at least 5 years in a cybersecurity role.
  • Minimum of 5 years of experience in product security, with a focus on embedded devices and firmware.
  • Comprehensive knowledge of embedded systems and firmware security principles, including secure coding practices, encryption technologies, and secure communication protocols.
  • Demonstrated experience in threat modeling, risk assessments, security architecture reviews, and security testing.
  • Familiarity with security standards and frameworks (NIST CSF, OWASP, and ISO).
  • Excellent problem-solving skills and attention to detail.
  • Strong communication skills, with the ability to effectively interact with cross-functional teams and articulate security risks and mitigation strategies.

EXTRA AWESOME:

  • CISSP, GIAC, or other relevant security certifications are highly desirable.
  • Experience in a highly regulated industry preferred.

WHAT’S IN IT FOR YOU?

In addition to innovative technology, we have a culture that fosters the idea that the happiest people are the most productive people. Not only do we hire forward-thinking achievers to join our workforce; we reward, develop, and retain them too. That's just one of the many reasons we #StayAwesome! To learn more about our culture and benefits, please visit https://www.tandemdiabetes.com/careers.

BE YOU, WITH US!

Tandem is firmly committed to being an equal opportunity employer and maintaining a diverse and inclusive environment. We value and embrace that every single one of us brings value to the table. But sometimes we forget that when we don’t meet 100% of a job description’s criteria – maybe you’re feeling that way right now? We encourage you to apply anyway. Because we want you to be you, with us.

COMPENSATION & BENEFITS:

The starting base pay range for this position is $140K - $170K annually. Base pay will vary based on job-related knowledge, skills, and experience, and may also fluctuate depending on the candidate’s location and the overall job market. In addition to base pay, Tandem offers a competitive compensation package that includes bonus, equity, and a robust benefits package.

Tandem offers health care benefits such as medical, dental, vision, health savings accounts and flexible saving accounts. You’ll also receive 10 paid holidays per year, a minimum of 20 days of paid time off (starting in year 1) and have access to a 401k plan with company match. Learn more about Tandem’s benefits here!

YOU SHOULD KNOW:

Potential new employees must successfully complete a drug screen (excludes marijuana) and background check which includes criminal search, education certification and employment verification prior to hire. 

REFERRALS:

We love a good referral! If you know someone who would be a great fit for this position, please share!

If you are applying for this job and live in California, please read Tandem’s CCPA Notice: https://www.tandemdiabetes.com/careers/california-consumer-privacy-act-notice-for-job-applicants.

APPLICATION DEADLINE:

March 15th 2024

SPONSORSHIP:

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Tags: CCPA CISSP Compliance Computer Science Encryption GIAC HIPAA Incident response Mathematics NIST OWASP Privacy Product security Risk assessment Vulnerabilities

Perks/benefits: 401(k) matching Competitive pay Equity Flex vacation Health care Salary bonus

Regions: Remote/Anywhere North America
Country: United States