Staff Product Security Analyst

View full description

Requirements:

• Bachelor's degree in computer science, information security, or a related field.
• 12+ years of experience in information security, focused on product security for medical devices.
• Strong understanding of security principles and methodologies related to medical devices.
• Exceptional writing, editing, and proofreading abilities.
• Familiarity with CMS and document repository systems.
• Experience with vulnerability scanning and penetration testing in healthcare.
• Expertise with FDA Cybersecurity guidance and regulations.
• Familiarity with NIST Cyber Security Framework and NIST SP 800-171.
• Knowledge of secure coding practices and development methodologies for medical devices.
• Experience with medical device design control requirements for software development.

Responsibilities:

• Lead and own the end-to-end device product security management process.
• Ensure compliance with FDA Cybersecurity guidance through collaboration with teams.
• Conduct comprehensive risk assessments for medical devices, identifying vulnerabilities.
• Develop and maintain cyber threat models considering patient safety and data privacy.
• Participate in security design reviews and recommend system security requirements.
• Promote secure coding practices and assist in incident response for medical devices.
• Assist with vulnerability management and collaborate on data privacy compliance.