Product Security Engineer will work on a hybrid basis (3 days home, 2 days office) for a Limerick‑based customer. The Product Security Engineer will define and embed secure‑by‑design practices across the SDLC, including security requirements, risk assessments, SBOM and OSS supply chain governance, vulnerability management, and security architecture reviews.
Responsibilities
Educate engineering teams to understand security requirements and find practical solutions on how to implement into new and existing products
Implement software security solutions and architect/design products in accordance with industry accepted standards for medical device security including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers both on and off‑site.
Support in the development of Product Security Documentation including:
Providing standardized Product Security documentation
Using document management platforms (SAP, DocuSign, SharePoint)
Organize and support the document review and approval process
Ensure that deliverables are delivered punctually and to the required level of quality
Lead technical design reviews and code inspections. Provide clear, actionable feedback for project team members
Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers
Participate on product security incident response teams.
Interface with other technical departments such as Penetration Testing Team, Systems, Hardware Engineering, Quality, and technical services
Assure adherence to development policies and software quality procedures
Qualifications
BS degree in Computer Science, Computer Engineering, Electrical Engineering, other related engineering field or equivalent work experience required
Minimum of 3 years of experience in IT‑Security architecture, secure software development, systems & architecture concepts, and designs
Required Knowledge, Skills, and Attributes
Working experience with various encryption algorithms and PKI solutions
Understanding of security issues and solutions for embedded devices
Experience with dynamic and static code analysis tools
Solid understanding of networking and related security aspects and common attacks
Demonstrated understanding of developing in a regulated environment and adhering to a quality management system
Excellent written and verbal communication and interpersonal skills are essential
Demonstrated positive work ethic with a strong commitment to achieving project goals
Solid understanding of Microsoft Office products and tools
Nice‑to‑Haves
Experience with embedded devices and IOT especially in the IT‑Security domain
Experience with security tools and distributions (BurpSuite, Nessus, NMAP, …)
Understanding of Wi‑Fi security
Knowledge of completing a track trace and plan using a security requirements traceability matrix (SRTM) or similar tool with the goal of tracking security requirements
Experience working in a regulated (FDA, MDR) environment with medical instrumentation is a plus
Work experience in network security along networking fundamentals (IP protocol, firewalls etc.) strongly desired
Recognized security certifications (CISSP, CEH, CSSLP etc.)
#J-18808-Ljbffr