Senior Principal Product Security Engineer

Vantive is a vital organ therapy company on a mission to extend lives and expand possibilities for patients and care teams everywhere. For 70 years our team has driven meaningful innovations in kidney care. As we build on our legacy we are deepening our commitment to elevating the dialysis experience through digital solutions and advanced services while looking beyond kidney care and investing in transforming vital organ therapies. Greater flexibility and efficiency in therapy administration for care teams and longer fuller lives for patients that is what Vantive aspires to deliver.

We believe Vantive will not only build our leadership in the kidney care space it will also offer meaningful work to those who join us. At Vantive you will become part of a community of people who are focused courageous and dont settle for the mediocre. Each of us is driven to help improve patients lives worldwide. Join us in advancing our mission to extend lives and expand possibilities.

Description

As PrincipalSr Principal Engineer own and direct the cybersecurity design and analysis of multiple medical devices. Resolve difficult problems from conception to final design with team input. Plan lead and deliver project assignments in the evaluation selection and adaptation of various cybersecurity engineering techniques procedures and criteria with minimal guidance.

Contributes to a cybersecurity vision that aligns with the organizations vision and strategic plan. Utilizes solid understanding of device and system connectivity concepts in a medical device domain. Provides direction to technical team members that are accountable for implementing cybersecurity integration and connectivity deliverables. Exhibits creativity and innovation in completing divisional and cross-functional/business unit goals and objectives.

Essential Duties and Responsibilities

Create system requirements architectures risk analysis and other specifications that define the cybersecurity functionality of medical device systems both embedded and hosted.

Create threat models of medical device systems and the interfaces between medical devices.

Perform vulnerability scanning of medical device systems and analyze results.

Monitor threat intelligence and analyze CWEs and CVEs that affect medical device systems and propose solutions.

Collaborate with the cross functional team primarily software in the implementation of cybersecurity functionality.

Contribute to external communications (bulletins FAQs etc.) related to cybersecurity.

Resolve competing constraints between interrelated functions (Engineering Risk Management Compliance Clinical Human Factors Regulatory Marketing Service).

Ensure compliance to the product development process and Quality System and Design Control requirements.

Work with regulators to ensure regional needs are met.

Qualifications for this role

Experience with threat modeling penetration testing fuzz testing vulnerability scanning secure code analysis.

Experience with cybersecurity related software such as Blackduck Coverity or equivalent China specific software etc.

Experience dealing with threat intelligence CWEs and CVEs.

Familiarity with cybersecurity related organizations and certifications such as UL (UL-2900) ICS-CERT FIPS 140 etc.

Experience with cybersecurity functionality on embedded systems and hosted software applications.

Requires strong organization and communication skills with the ability to interface with both technical and non-technical personnel.

Ability to convince management on courses of action with minimal assistance using both written and verbal methods.

Must be able to provide solutions that reflect understanding business objectives.

Medical device experience a plus.

Education and Experience

BE /B Tech or ME /M Tech with 8 years of related experience.

Reasonable Accommodation

Vantive is committed to working with and providing reasonable accommodations to individuals with disabilities globally. If because of a medical condition or disability you need a reasonable accommodation for any part of the application or interview process please click on the link here and let us know the nature of your request along with your contact information. Form Link

Recruitment Fraud Notice

Vantive has discovered incidents of employment scams where fraudulent parties pose as Vantive employees recruiters or other agents and engage with online job seekers in an attempt to steal personal and/or financial information. To learn how you can protect yourself review our Recruitment Fraud Notice.