Cybersecurity Engineer-Red Team
Bedford
Overview:
This position is part of the Chief Information Security Officer Group (CISO Group), with worldwide responsibility for cybersecurity for IT, business systems, the network with extends to affiliates and security of products and services. Reporting to the Lead of the Red Team Testing, and day-to-day supervision by a Product Cybersecurity Engineer.The primary responsibility of the position involves ethical hacking, white box, blackbox and pen testing products and IT systems. The role requires a deep understanding of current and emerging cybersecurity threats in the IVD market, as well as the ability to develop, implement and test robust security solutions.
Initial focus is for transplant and transfusion family of Werfen medical devices.
Responsibilities:
Key Accountabilities- Ethical hacking/penetration testing:
- Perform black-box penetration testing on complex applications and web-based products
- Perform white-box penetration testing on medical devices and/or the supporting software connectivity tools
- Analyze and exploit hardened applications and operating systems
- Perform basic network analysis and attacks such as ARP poisoning, packet replay, and DNS spoofing
- Analyze and exploit advanced external hardening configuration of a cloud solution
- Perform basic cracking techniques
- On-market vulnerability testing and submissions to FDA and US Department of Defense
- Execute manual and automated monthly vulnerability testing and reporting evidence
- Continuous learning for new cyber techniques, evolving cyber requirements for medical devices and supporting infrastructure
Networking/Key relationships
Able to identify and resolve common legal issues and build strong relationships with other global business stakeholders, including IT, HR, Marketing, Product Privacy & Security, and other departments.
Qualifications:
Minimum Knowledge & Experience required for the position:The qualifications required by the position are:
- Engineer, computer science or other technical degree, or equivalent work experience
- 5 year of experience that combine ethical hacking and penetration testing, producsecurity by design or medical device testing
The following work experience and qualifications are a plus:
- Strong knowledge of secure coding practices and product security best practices
- Certifications such as Certified Ethical Hacker (CEH)
- Solid knowledge on software testing process and methodology
- Knowledge on relevant standards such as ISO 27001 Knowledge of medical device cyber regulations applicable to FD&C Act 524B, FDA 510(k) submission, premarket approval (PMA)
The skills and capabilities required by the position are:
- Strong analytical and problem-solving skills to identify and address security challenges and vulnerabilities
- Effective communication skills to convey complex cybersecurity concepts to both technical and non-technical stakeholders
- Willingness to stay updated on the latest cybersecurity trends, threats, and technologies through continuous learning and professional development
- Ability to collaborate with cross-functional teams, share information, and work together to enhance overall cybersecurity posture
Travel requirements: Less than 10% of the time
Bedford (MA)
selects, and applies standard engineering techniques, procedures, and criteria, using judgment in making minor adaptations and modifications. Assignments have clear and specified objectives and require the investigation of a limited number of variables...
Lexington (MA), 3 mi from Bedford (MA)
attest that all information I submit in my employment application is true to the best of my knowledge.
Job Description
Takeda Development Center Americas, Inc. is seeking an Engineer IV in Lexington, MA with the following requirements: Master’s degree...
Burlington (MA), 4 mi from Bedford (MA)
Job Description:
Assists in planning, designing and directing engineering projects within the business unit. The assignments contain specific tasks on project teams and these individuals are expected to use their education, intelligence and common...
Best jobs you don't want to miss: