Staff Product Security Engineer - IoTNetwork
Staff Product Security Engineer - IoTNetwork
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Description:
The Staff Product Security Engineer will collaborate closely with the Product Security team and crossfunctional stakeholders to support the secure design development assessment and monitoring of Intuitive Surgical products that comply with medical device regulatory requirements and adhere to Intuitive standards for security and resiliency.
The Staff Product Security Engineer will join and inspire a team performing engineering technical and regulatory security tasks that provide security solutions across multiple Intuitive business units. The position also includes responsibility for developing and executing security project and process plans implementing security policies and procedures and a significant level of developing and mentoring other teams in the areas of cyber and network security.
Responsibilities:
- Drives the development implementation and sustainment of product security and resiliency throughout the requirements design build test production operations and support lifecycle.
- Drives the development and enhancement of system requirements and architectures for product security to meet all applicable certification and customer requirements.
- Develops and documents the cybersecurity threat model and risk assessment for both embedded and cloudbased products at Intuitive Surgical.
- Evaluates the existing security measures in place for Intuitive Surgical products and conduct necessary test and research to identify any additional security measures that may be necessary to enhance their protection.
- Participate in both inhouse and thirdparty penetration testing activities.
- Collaborates closely with software hardware and network engineers to review and design secure communication protocols for surgical robotics.
- Drives the definition and identification of product security requirements for suppliers of components and subsystems for integration into complex Intuitive products and services.
- Supports coordination with stakeholders regulators suppliers industry partners to identify risks and improve industry and regulatory security standards and requirements for programs and interfacing systems.
- Supports Intuitive research and development activities resulting in innovative scalable security solutions to include research on emerging security tools and methodologies and develop proofofconcept demonstrations.
- Supports Intuitive Cyber Assurance teams in customer and partner communication on maintaining effective product security including security consequences of modifying products and services.
- Collaborates with the incident response and security operations team to identify analyze and mitigate potential risks associated with intuitive surgical products.
- Leverage understanding of interconnected components of Intuitive systems and and apply the principles of systems thinking to accelerate security development and resolve crossfunctional technical issues.
Qualifications :
Qualifications
- At least ten years of relevant experience in product security or cybersecurity accompanied by a bachelors degree. Alternatively eight years of experience and a masters degree or a Ph.D. with five years of relevant experience are acceptable.
- CISSP or equivalent certifications such as SANS CEH AWS Security or Cisco Security.
- Advanced knowledge of system security domains (e.g. information assurance intrusion detection software protection software assurance communications security encryption and key management network security certification and accreditation) and applicable industry and government guidance and regulations to produce secure systems.
- Experience in one or more cyber security frameworks and compliance standards including NIST and ISO.
- Proficiency in functional and securitycentric analysis of C/C and Python code.
- Excellent analytical skills demonstrated by a proven track record of analyzing and resolving complex problems in products and processes.
- Exceptional judgment in the face of contending priorities and incomplete data with the ability to make sound tradeoffs with good judgment.
- Excellent communication skills enabling the documentation of technical architectures and workflows and the presentation of information to diverse audiences.
- Experience working in a distributed environment across multiple teams.
- Project management skills such as scheduling resource management and performance measures.
Preferred Skills and Experience:
- Medical device or other regulated domain experience
- Familiar with FDA Premarket and Postmarket Cybersecurity guidance
- Familiar with regulatory aspects of the 510(k) cyber security submissions
- Experience with working with IoT or ICS/SCADA systems
Additional Information :
Due to the nature of our business and the role please note that Intuitive and/or your customer(s) may require that you show current proof of vaccination against certain diseases including COVID19. Details can vary by role.
Intuitive is an Equal Opportunity Employer. We provide equal employment opportunities to all qualified applicants and employees and prohibit discrimination and harassment of any type without regard to race sex pregnancy sexual orientation gender identity national origin color age religion protected veteran or disability status genetic information or any other status protected under federal state or local applicable laws.
Mandatory Notices
We will consider for employment qualified applicants with arrest and conviction records in accordance with fair chance laws.
Preference will be given to qualified candidates who do not reside or plan to reside in Alabama Arkansas Delaware Florida Indiana Iowa Louisiana Maryland Mississippi Missouri Oklahoma Pennsylvania South Carolina or Tennessee.
We provide marketcompetitive compensation packages inclusive of base pay incentives benefits and equity. It would not be typical for someone to be hired at the top end of range for the role as actual pay will be determined based on several factors including experience skills and qualifications. The target salary ranges are listed.
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
