Security Consultant assessing and implementing security measures for organizations. Collaborating with clients to enhance their security posture and protect sensitive data.
About the role
- Staff Product Security Engineer focused on implementing cybersecurity in medical device design and development at Johnson & Johnson. Contributing to new product development teams and ensuring patient safety.
Responsibilities
- Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs.
- Drive architecture, requirements, and design to ensure that decisions incorporate security considerations.
- Advise embedded system security software to ensure system hardening and secure coding practices.
- Support all stakeholders on patch management, vulnerability handling, and SBOM scanning
- Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304)
Requirements
- Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity or related degree
- 6+ years’ experience (or 4+ with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices
- 3+ experience in a software engineering or software architectural role in a New Product Development (NPD) environment
- Proven experience with threat modeling and risk assessments for connected products or medical devices
- Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
- Ability to think big picture and have attention to detail – aligning strategic objectives with tactical implementation.
- Proven experience with electrical and embedded software design
- Experience developing software for embedded Real-Time Operating Systems (RTOS)
- Experience developing embedded software systems using Modern C++ (preferably standards 17+)
- A results and performance driven demeanor with strong sense of accountability
- Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles
- Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900)
- Work experience with Systems Engineering activities: requirements management and development, risk management, and verification
- Strong collaboration, proven technical leadership capabilities, and conflict resolution skills
- A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience
- Ability to travel up to 10% domestic US and Internationally
Benefits
- medical
- dental
- vision
- life insurance
- short- and long-term disability
- business accident insurance
- group legal insurance
- consolidated retirement plan (pension)
- savings plan (401(k))
- long-term incentive program
- Vacation – up to 120 hours per calendar year
- Sick time - up to 40 hours per calendar year
- Holiday pay, including Floating Holidays – up to 13 days per calendar year
- Work, Personal and Family Time - up to 40 hours per calendar year
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Manager overseeing leadership protection and event security for GEICO. Responsible for security planning, threat analysis, and incident management during company events.
Cybersecurity Consultant managing TDR delivery team to enhance client security posture. Collaborating with clients and leading technical contributions in cybersecurity services.
Cyber Security & Compliance Lead protecting data and systems at Displayr. Responsible for risk management, compliance frameworks, and innovative security solutions using AI.
Lead Engineer in Security Engineering at Allstate overseeing security controls and product security teams. Collaborating with global stakeholders to manage security architecture and meet key performance indicators.
AI Security Architect focusing on AI security and governance for Voya Financial's applications and projects. Leading initiatives in artificial intelligence and securing innovative technology solutions.
Senior Analyst for Third - Party Security at a leading law firm. Responsible for program execution and risk assessment regarding vendors and service providers.
Application Architecture Engineer responsible for defining software architecture frameworks and leading implementation teams. Driving innovation in developing robust and scalable applications at Schneider Electric.
Security Officer managing safety and security at Cromwell Hospital and Canary Wharf locations. Responding to security requests and maintaining logs while ensuring compliance with safety regulations.
Behavioral Health & Security Associate in Peoria providing care and oversight for patients with behavioral health needs. Ensuring a safe environment and effective support for patients and staff.