Job Description
This role is focused on ensuring the security and compliance of our medical device platforms. We are seeking a Product Security Engineer to join our multi-functional team and play a critical role in guiding secure product development and reducing risk across our product portfolio.
The ideal candidate will have a solid understanding of current regulatory compliance and standards, as well as experience in IT-security, cybersecurity, secure software development, and designs, and risk management. They will be responsible for leading product security risk assessments, supporting secure architecture and coding practices, and driving the implementation of industry-standard security measures across existing and new products.
Additionally, the successful candidate will collaborate with Regulatory, Quality, Medical Affairs, and other key teams to guide secure product development and reduce risk. They will also partner with cross-functional teams to resolve vulnerabilities in current products and uphold continuous security compliance.
Key responsibilities include working closely with Regulatory, Quality, Medical Affairs, and other teams, supporting them with security knowledge to improve our product platforms; guaranteeing products align with relevant security standards and regulations; leading product security risk assessments and implementing effective mitigation strategies; and supporting teams in reducing product risk by finding practical solutions on how to increase security in new and existing products.
The Product Security Engineer will work in a team to support R&D in implementing secure software solutions by ensuring the architecture follows industry-accepted standards for medical device security, including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring. They will assist in product security risk assessments and provide vulnerability remediation guidance to product development software engineers, both on and off-site.
They will also develop and ensure that software engineering procedures are aligned with product security requirements and support the Product Security Documentation process, including providing standardised Product Security documentation, organising and supporting the document review and approval process, and ensuring that work is completed punctually and to the required level of quality.
Required Skills and Qualifications
* BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field or equivalent work experience required
* Experience in IT-Security, Cybersecurity, secure software development and designs, and risk management
* Solid understanding of current regulatory Compliance & Standards
* Working experience with various encryption algorithms and PKI solutions
* Experience in creating documentation for software products
* High level of self-organisation and delivering required inputs on time
* Experience with Dynamic and static code analysis tools
* Knowledge of completing a track, Trace and plan using a Security Requirements Traceability Matrix (SRTM) or similar tool with the goal of tracking Security Requirements, Source of Requirement, Requirement Objective and Verification Method experience
* Understanding of vulnerability scans and static code analysis results
* Understanding proper secure coding practices to drive standards within the software engineering organisation
* Experience working in a regulated environment
* Basic understanding of network security fundamentals (IP protocol, firewalls etc.)
* Recognised Security certifications are a plus (CISSP, CASP+, CSSLP, etc)
* Understanding of security issues and solutions for embedded devices
* Good understanding of networking and related security aspects, and common attacks
* Demonstrated knowledge of developing in a regulated environment and adhering to a quality management system
Benefits
At BD, we offer a valuable, competitive package of compensation and benefits programs which you can learn more about on our Careers Site under Our Commitment to You. There are many factors, such as location, that contribute to the range displayed.
Others
There are numerous opportunities for growth and professional development at BD. If you are passionate about product security, regulatory compliance, and making a difference in the healthcare industry, we encourage you to apply.