TEKsystems is currently hiring a Product Security Engineer for an opportunity in San Diego with one of the largest Biotech/Medical Devices companies internationally.
This role will be part of a team responsible for implementing a product security framework supporting existing and future medical devices and software.
The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems.
The candidate shall be able to evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans and analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products, detailed attention to implementation and product risk while following a detailed quality management system. Responsibilities:
Top Required Skills:
- The Product Security Engineer will participate in a full medical system development life cycle and adhere to a quality management system.
- Must be able to identify cybersecurity threats and perform analysis based on threat vectors and identified vulnerabilities and build solutions to reduce the risk level.
- Must possess the skills to perform research independently, identify pertinent information for evaluation, and develop potential solutions and alternate courses of alternatives.
- Understanding of engineering principles for IT system development in a world wide deployment model.
- Familiar with automated vulnerability scanning assessment tools and their operation to produce security artifacts.
- Must possess the skills to automate solutions using various scripting tools used in remote deployments.
- Analyze system security architectures and make recommendations for security design and requirements that are compliant with applicable Security Technical Implementation Guides (STIGs) and other Federal and state standards.
- Knowledge of Active Directory, virtual environment and cloud computing
- Familiarity with the Software Development Life Cycle (SDLC) and injection of security principles/processes within various development environments to achieve software assurance
- Must have strong organizational skills and attention to detail, and possess exceptional ability to communicate effectively with peers, supervisors, managers, and customers within a team-oriented, collaborative environment.
- Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities
- B.S. degree in Computer Science, Computer Engineering, Cyber Security, Information Technology, or other related engineering field is required
- 2-10+ years of experience in Cyber Security, systems & architecture concepts and designs
- Experience with Scanning tools (i.e. Nessus, ACAS, etc)
- Scripting experience
- Knowledge of Security frameworks (i.e. NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT Standards)
- Product Security background
- Experience working in a regulated (FDA) R&D environment with medical devices is a plus
- Certifications in InfoSec Security are a plus, e.g., CISSP, CSSLP
Please apply if interested in joining this exciting opportunity.About TEKsystems:Join TEKsystems®, a leading IT staffing, IT talent management and IT services firm, and get your career on the fast track. We have more than 100 offices worldwide, and we partner with over 6,000 clients and place over 80,000 consultants per year. At TEKsystems, we seek to understand our consultants' skills, goals and interests, allowing us to present targeted job opportunities on a contract, contract-to-hire or direct placement basis. TEKsystems' leadership in the market stems from our sincere and personal commitment to driving the success of our customers, consultants and each other.
A little about us:
TEKsystems provides corporations with IT staffing, talent management expertise and IT services, enabling them to meet their business objective.