Product Security Officer II
Product Security Officer II
Posted on :
02-05-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Overview
Job Summary
The Werfen Product Privacy and Security Program is a shared service model with responsibility for Cybersecurity and Privacy by Design Compliance Security Testing and Incident Response. As a Werfen Product Security Officer you are responsible for cybersecurity and privacy functions for our Products. This role is a trusted collaborator of the Project Teams and works with the Quality and Regulatory functions to ensure the product privacy and security posture.
Responsibilities
Key Accountabilities
- Represent the Werfen Product Privacy and Security Office.
- Responsible for leading Product cross functional team members to complete all technical aspects of product cyber security tasks and initiatives.
- Participate in customer assurance with Quality Regulatory Marketing Services and the Affiliates. This includes Product Security communications content such as:
- Product Labeling
- Completion of security inquiries
- Complaint and vulnerability investigation and reports
- Provide consistent cybersecurity and privacy guidance to Werfen and Customers.
- Represent cybersecurity and privacy in the Risk Assessment as a subject matter expert including:
- Cyber security threat management process
- Continuous technical analysis and monitoring of cyber security signals.
- Responsible for supporting the project or program teams with planning and scheduling clarifying and defining scope of work utilizing deliverable milestone methods and critical path scheduling conducting resource planning and allocation and developing task and project estimates for cyber security requirements and related gaps epics stories and defects.
- Support the generation of an integrated cyber security management plan that meets business objectives and is in compliance with the design control process while maximizing resource efficiency.
- Responsible to represent cybersecurity and privacy for reviews of epics stories and defects within PI planning activities tech reviews and change review board meetings (CRB) as a subject matter expert for cyber security.
- Ensures product security deliverables are completed and documented as defined within the quality management systems work instructions for product security.
- Support agile teams as a cybersecurity and privacy subject matter expert. Assist with the definition of epic and story requirements and deliverables to align with product security requirements.
- Responsible to support the project and program teams to identify risk assess and prioritize cyber security issues and assist in supporting design controls to implement an appropriate solution through completion.
- Represent cyber security with the product development teams to ensure cyber security and privacy is being designed into products.
- Responsible to support program and project leads for ensuring adequate oversight and control of vendors providing development test or technical services that support the project and are aligned with product security deliverables and requirements.
- Responsible for assisting with contributing and reviewing cyber security product documentation
- Responsible for assisting with FDA 510K submission activities and inquiries
- Responsible for assisting in oversight activities to include management reporting
Networking/Key Relationships
- Provide technical and team leadership to one or more medium project team(s) or a program team including cyber security consulting and cyber security technical leadership within the program area. Drive the successful attainment of Product Security program/cyber security project related goals.
- Responsible for product security program communication for both within the product security team project team(s) and between the team(s) and executive management.
Qualifications
Minimum Knowledge & Experience for the position:
- At least 10 years of cyber security experience preferably in product development with at least 4 years successful technical leadership cyber security coordination or cyber security management are required
- Requires Bachelors degree in Business Computer Science Computer Engineering or the equivalent combination of related training proficiency and experience.
- Certification in cyber security e.g. (CISSP/CISM/CISA Security ; Cisco CCNP Security) preferred.
- Certification in project or program management is desirable.
- Full and comprehensive knowledge of the complete product lifecycle including all aspects of product development from conception to manufacturing introduction.
Skills & Capabilities:
- Problem solving conflict management listening managing and measuring work
- Quality and Regulatory experience e.g. 510K submissions)
- Knowledge of domain specific standards and approaches on privacy and product security (ISO 2700x NIST 800 Series Special Publications)
- Knowledgeable and experience with laws and regulations on cyber security privacy data protection and breach notification (e.g.: FDA cyber security guidelines 95/46/ED HIPAA GDPR ISO 13485 ISO 14971. AAMI TIR 57; 21CFR820 SB1386 etc.
- Experience in designing or leading software products using Secure SDLC.
- Understanding of securing and hardening Windows and Linux operating systems
- Understanding of networking and network security
- Familiarity with agile and project management tools and techniques
- Team player selfmotivated perseverance
- Strong oral and written skills
Travel Requirements:
- 10 Travel
Required Experience:
Unclear Seniority
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
