Jobsuche > Darmstadt > Security engineer

Senior Product Security Engineer (m/w/d)

Exocad
Darmstadt
Diese Stelle ist in deinem Land nicht verfügbar.

To strengthen our Quality- / Security team at Darmstadt, we are looking for you as a

Senior Product Security Engineer in Technology Governance and Compliance (m / w / d)

We are seeking a Senior Product Security Engineer in Technology Governance and Compliance. You should have exceptional skills with privacy and security by design, formal standards documentation, information security or application security, product development life cycle for medical devices, and experience with risk management and project management.

You will report directly to the Senior Manager, Product Security and will collaborate with the other company wide Information Security- and other relevant teams to ensure every medical device both hardware and software launched is as secure as it can be and increasing the assurance levels of security in the infrastructure underlying all our products.

In this role, you will analyze data, surface trends, and ensure compliance of product security regulatory requirements for software in a medical device or software as a medical device.

Main Responsibilities :

  • Coordinate with cross-functional teams for medical device security requirements throughout the total product lifecycle such as risk assessment, security testing (SAST, DAST, SCA, penetration testing), and publication of product security collaterals.
  • Perform and participate in medical device security risk assessments to include threat modeling, security design controls, mitigations, and publication of assessment reports.
  • Use software tools for automation of processes.
  • Support Regulatory Affairs and Quality Assurance teams with regulatory submissions to include US FDA, EU MDR, Japanese PMDA, China NMPA or other international regulatory bodies.
  • Active engagement with development teams to include review of architecture flows, data flows, and system or software design requirements for compliance with product security regulatory requirements for medical devices.
  • Assess conformance with monitoring and reporting of product security vulnerability management through vulnerability scans, customer complaints, and third parties.

Your Profile and Skills :

  • Bachelor’s or master’s degree in a relevant field (Cybersecurity / Security, Software Engineer, Computer Engineer, Biomedical Engineer, Risk Management, or others) OR an equivalent combination of education, training, and experience in the medical device industry, preferably with software in a medical device or software as a medical device.
  • Minimum of 7 years of professional experience with any combination of at least 2 technical disciplines, including the following : application security, medical device security, risk management, biomedical engineering, medical device design (SiMD / SaMD), or cloud security.
  • Knowledge of medical device cybersecurity standards such as IEC 81001-5-1, IEC TR 80001-2-2 : 2012, FDA Cybersecurity Guidance, or Medical Device Software Software Life Cycle (ISO 62304) processes.
  • Fluent in English with excellent verbal and written communication skills comfortable interacting at all levels of the organization.

In addition German skills would be a plus

  • Effective problem-solving skills with particular emphasis on root cause analysis with attention to details.
  • Demonstrated project management and decision-making skills.
  • Experience with regulatory compliance and submissions.
  • Ability to work as a team player to find solutions.
  • Travel : 5% - with some international travel required.

Preferred / would be a plus :

  • Knowledge of application of risk management to medical devices (ISO 14971) and / or medical device quality management requirements (ISO 13485).
  • Experience working with people across multiple global geographies.
  • Demonstrate knowledge in understanding and applying medical device cybersecurity regulations, standards, and principles such as those published by ISO / IEC, AAMI, HSCC, EU MDR, NMPA, FDA.
  • Information Security professional certification such as CMRP, HCISPP, CISM, CISA, CISSP, CompTIA, CHP, CRMP, and / or other certifications related to cyber forensics, threat intelligence, incident handling or ethical hacking.
  • A passion for self-improvement through learning in all disciplines but especially in information technology and discovering how to apply that knowledge to better assess risk in software in a medical device or software as a medical device.

What we offer you

  • Exciting and varied activities in a dynamic and growth-oriented software company
  • Open-door policy and responsive, agile approach to decision making
  • Positive working atmosphere that promotes both individual freedom and responsibility
  • Strong team spirit and very good working atmosphere
  • Modern offices and workstations, working with the latest technologies
  • Flexible working hours
  • Hybrid work, Tuesday till Thursday are office days, Monday and Friday home office is possible
  • Training opportunities
  • Company events
  • Sports opportunities and work-life balance
  • Free drinks, fruit and snacks / Canteen with own cook
  • Good transport connections
  • JobTicket / JobBike

Our Mission

exocad's mission is to make high-quality dental restorations accessible to everyone. At exocad you will work on a product that gives people more quality of life every day.

exocad offers you a very interesting working environment in one of the market-leading software companies in the dental industry.

Vor 30+ Tagen
Ähnliche Stellenangebote
Gesponsert
Secunet Security Networks AG
bundesweit, Germany

Deutschlands führendes Cybersecurity-Unternehmen. ...

Gesponsert
trg.recruitment
Germany, Germany

We’re seeking a Senior DevSecOps Engineer to join an existing team of 2 to work on the security function across this company’s 2 main products. ...

Exocad
Darmstadt, Hessen

You will report directly to the Senior Manager, Product Security and will collaborate with the other company wide Information Security- and other relevant teams to ensure every medical device both hardware and software launched is as secure as it can be and increasing the assurance levels of securit...

SVA
Bensheim, Hessen

Zu Ihren Aufgaben gehören die fachliche und methodische Cyber-Security-Beratung sowie technische Unterstützung zur Absicherung von Produktionsanlagen (ICS) und modernen vernetzten IIoT-Umgebungen bei großen und mittelständischen Unternehmen. Identifikation von Assets in Produktionsnetzen sowie deren...

EDAG Engineering Group
Remote, DE

Experte* / Senior Engineer* Cyber Security Automotive. JobPosting", "title" : "Experte* / Senior Engineer* Cyber Security Automotive", "description" : "Hohe Kompetenz und die Leidenschaft für neue Herausforderungen machen unseren Bereich Electrics/Electronics zum Wegweiser in der automobilen Zukunft...

CGI
Deutschlandweit

Mitarbeit beim Service- und Prozess-Design und der kontinuierlichen Verbesserung im SOC/SIEM Engineering. ...

Chronos Consulting
Deutschland
Homeoffice

Hands-on experience designing and deploying security controls across all security domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions. They are...

adesso SE
Frankfurt am Main, Hessen

Security-Requirements-Engineering. Statische und dynamische Security-Tests (z. Bei adesso nimmst du an gezielten Schulungsmaßnahmen teil, die dein Security-Portfolio ergänzen und abrunden. Einsatz von Kryptographie und anderen Security-Funktionen. ...

Endress+Hauser
DE

Flexible Arbeitszeit ohne Kernzeit in Vollzeit 40 Std.In Zusammenarbeit mit den Produktentwicklern sorgen wir dafür, dass die notwendigen Zertifikate vorliegen, so dass unsere Geräte weltweit in alle Branchen verkauft werden können.Koordination von weltweiten Produktzulassungen für die Bereiche Expl...

adesso SE
Frankfurt am Main, Hessen

In deiner Rolle als Security Application Engineer bist du in einem neuen Fachteam für den Geschäftsbereich "Health" als zentrale Ansprechperson im Bereich Security verantwortlich. Bei adesso nimmst du an gezielten Schulungsmaßnahmen teil, die dein Security-Portfolio ergänzen und abrunden. Statische ...