Cybersecurity Software Development Engineer

We are looking for a Cybersecurity Software Development Engineer

Duties:

  • Develops software security strategies compliant with medical device regulations
  • Supports SW development teams in the creation of Digitec Platform cybersecurity threat model based upon software system design
  • Leads SW development teams in the creation of cybersecurity vulnerability assessments and specify risk controls
  • Supports teams in the creation of documentation of cybersecurity risk management
  • Keeps abreast of state-of-the-art cybersecurity practices and latest standards and verification techniques
  • Maintains regular, periodic vigilance of latest vulnerabilities in third-party software and works with Regulatory and Quality teams to action to patch or develop workarounds for new vulnerabilities posing an unacceptable risk
  • Performs regular periodic product security testing
  • Performs vulnerability scans on Digitec Platform before production release
  • Assists SW development teams in penetration testing
  • Participates in design review, code reviews and inspections of actual code base to ensure proper implementation of security control measures and defensive coding practices.
  • Maintains Software of Unknown Provenience (SOUP) and Cybersecurity Management documents up to date
  • Maintains MDS2 forms (Manufacturer Disclosure Statement for Medical Device Security) up to date

Requirements:

  • Bachelor in software engineering or Cybersecurity required (a degree in another Engineering or Scientific discipline may be acceptable with proven software education and/or training and demonstrated software experience.)
  • Required 1+ years overall of related software engineering experience in development and/or verification or a four-year degree and internship experience.

Nice to have:

  • Knowledge of cybersecurity standards for medical devices (IEC 81001-5-1 and IEC/TR 60601-4-5) is highly desirable
  • Certification or training in software security is highly desirable
  • 1+ years experience of software development in C, C++, or C# is highly desirable
  • Experience performing risk assessments is desirable (in accordance with ISO 14971)
  • Significant course work or at least 1 year of direct experience in the cybersecurity field is desirable
  • Knowledge (at least basic level) of DevOps solutions for testing automation and CI/CD methods, preferably with practical experience is desirable

Let's work together