Associate Director, Cyber Security Architect (Remote
- Job Type:
- IT leadership
- $200:000 - $230:000
- Ref #:
**New Permanent Role – Associate Director, Cyber Security Architect (Remote)**
Location – Remote – United States
Salary $200k - $230k & Benefits Package
Industry – Medical Device
Job Description Summary
Overall Product Security Lead for the infusion/injection products containing Software/Firmware
Within company Digital Health, you will have the opportunity to play a vital role in a new product initiative and make a lasting impact in the care of Diabetes. You will also have the advantage of combining the best of both worlds; the agility and creativity of a start-up with the resources of a Fortune 500 company. We are looking for highly innovative, passionate, and talented individuals to join our team. If you want to develop revolutionary products for the Diabetes Care market, please join us.
As the Cyber Security Architect, you will partner with our product development and engineering organizations to enable them to build and enhance security in the Diabetes care and Digital Health products and services. The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems. You will evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static code analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk. The Cyber Security Architect will participate in a full medical software development process and adhere to a quality management system.
In This Role You Will Be Responsible For
- Design and Implement software security solutions in accordance with industry accepted standards for encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
- Develop and administer software engineering procedures and training for vulnerability scans and static code analysis
- Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers.
- Keep abreast of advances in secure system design and development practices, threats and threat actors, and new attack techniques or areas of security research, and provide guidance to the product organizations to help them avoid or mitigate future security concerns.
- Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers
- Participate on product security incident response teams.
- Collaborate with other technical departments such as Penetration Testing Team, Systems and Hardware Engineering
- Collaborate with Quality and Technical Service
- Demonstrate proper secure coding practices driving standards within the software engineering organization
- Lead technical design reviews and code inspections. Provide clear, concrete feedback for project team members
To Be Successful In This Role, You Require
- Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards
- Knowledge of Windows networking fundamentals (IP protocol, switches, routers)
- Demonstrated understanding of developing in a regulated environment and adhering to a quality management system
- Excellent written and verbal communication and interpersonal skills are critical.
- Demonstrated positive work ethic with a strong commitment to achieving project goals
Education And Experience Required
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, or another field is required
- Minimum of 5 years of experience in software development, systems & architecture concepts and designs
- Minimum of 5 years work experience implementing security controls in software
- Minimum of 5 years work experience with C#/.NET development
- Minimum of 3 years work experience using secure coding practices
- Minimum of 3 years in a security-focused role familiar with post-market security monitoring, threat response, and ongoing security sustaining practices