You will be responsible for:
* Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs.
* Drive architecture, requirements, and design to ensure that decisions incorporate security considerations.
* Advise embedded system security software to ensure system hardening and secure coding practices.
* Support all stakeholders on patch management, vulnerability handling, and SBOM scanning
* Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304)
Qualifications / Requirements:
Education:
* Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity or related degree
Experience and Skills
* 6+ years' experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices
* 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment
* Proven experience with threat modeling and risk assessments for connected products or medical devices
* Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
* Ability to think big picture and have attention to detail – aligning strategic objectives with tactical implementation.
* Proven experience with electrical and embedded software design
* Experience developing software for embedded Real-Time Operating Systems (RTOS)
* Experience developing embedded software systems using Modern C++ (preferably standards 17+)
* A results and performance driven demeanor with strong sense of accountability
* Understanding penetration testing, vulnerability scanning, and/or other general security testing principles
Preferred Skills & Experience:
* Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900)
* Work experience with Systems Engineering activities: requirements management and development, risk management, and verification
* Strong collaboration, proven technical leadership capabilities, and conflict resolution skills
* A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience
* Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX