Changing lives. Building Careers.
Joining us is a chance for you to do important work that creates change and shapes the future of healthcare. Thinking differently is what we do best. To us, change equals opportunity. Every day, more than 4000 of us are challenging what's possible and making headway to help improve outcomes.
Key Responsibilities:
- Perform risk analysis on product-related cybersecurity risks, determine required security controls, and manage residual risk for security-related product threats.
- Model Product Security Threats and continuously monitor global product-related cybersecurity threats.
- Conduct and document CIS (Center for Internet Security) Benchmark / Baseline reviews for relevant systems and embedded platforms to ensure compliance with hardened configuration requirements.
- Ensure adherence to recognized Medical Device Cybersecurity Frameworks, including (but not limited to):
  - FDA Pre- and Post-Market Cybersecurity Guidance
  - AAMI TIR57 & AAMI TIR97
  - ANSI/AAMI SW96
  - IEC (Health Software & Health IT Security)
  - IEC 62443 (Industrial & IoT Security, where applicable)
  - ISO 14971 (Risk Management) as applied to security-induced safety risks
- Research and advocate for new security solutions, technologies, and architecture patterns to improve product cybersecurity posture.
- Collaborate with development teams to integrate secure coding and secure design practices into the software and hardware development lifecycle.
- Collaborate with Quality and Regulatory functions to ensure proper evaluation and documentation of safety risks induced by security risks, aligning with medical device safety regulations.
- Implement and manage security tools and technologies that strengthen the security posture of applications, embedded systems, and connected medical devices.
- Provide technical cybersecurity guidance, mentorship, and support to engineering teams, leadership, and cross-functional stakeholders.
- Support vulnerability management activities, including SBOM reviews, vulnerability scanning, penetration testing coordination, and remediation planning.
- Ensure product designs incorporate secure configuration, hardening, encryption, authentication, authorization, secure update mechanisms, and secure logging principles.
- Participate in internal and external cybersecurity assessments, audits, and regulatory submissions (FDA, EU MDR, Notified Bodies).
- Develop and maintain cybersecurity documentation, including threat models, risk assessments, secure-by-design documentation, security test plans, and post-market surveillance artifacts.
Experience and Education:
- At least 10 years of experience in the Information Security or Cybersecurity domain.
- Certification(s) from recognized cybersecurity organizations (e.g. ISC², ISACA, GIAC).
- Experience as a Security Regulation and Standards Engineer/Manager.
- Experience in systems engineering and collaborative development environments.
- Experience preparing cybersecurity documentation for regulated industries.
Additional Experience:
- Experience working in regulated industries (Medical Device, Avionic) - advantage.
- Academic degree in Computer Science, Software Engineering, Electrical Engineering, or equivalent work experience - advantage.
- Experience in Software and/or Hardware development - advantage.
- Experience applying medical cybersecurity frameworks such as IEC, AAMI TIR57, AAMI TIR97, ISO 14971, and/or IEC 62443 - strong advantage.
Required Knowledge:
- Knowledge of Information Security and Cybersecurity Standards, Methodologies, and Controls, including CIS Benchmarks, NIST Cybersecurity Framework, OWASP, and secure development methodologies.
- Knowledge and hands-on experience in product development and system engineering processes across hardware, firmware, and software.
- Strong understanding of medical device cybersecurity requirements, secure architecture patterns, threat modeling (STRIDE, attack trees), and product lifecycle security.
- Familiarity with secure boot, cryptography, embedded system hardening, secure communication protocols, and resilience techniques.
Certifications:
- Preferred industry certifications such as:
  - CISSP, CSSLP, CEH, GICSP, GCSD, CCSP - advantage.
  - Medical-device-relevant credentials (e.g. HCISPP, CISA, GIAC IoT Security) - advantage.
Unsolicited Agency Submission
Integra LifeSciences does not accept unsolicited assistance from search firms for employment opportunities. All CVs/resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. A formal written agreement is required before engaging any agency, and it must be executed and authorized by the Vice President, Talent Acquisition. Where agency agreements are in place, introductions (the initial sharing of a candidate's name, resume, or background) are position-specific and may only occur within the scope of that approved agreement. Please, no phone calls or emails.
Required Experience:
IC