Cybersecurity Software Engineer IV

SUMMARY:

Senior Cybersecurity Software Engineer with an advanced knowledge of embedded software development. Responsible for secure software development following DevSecOps best practices. Working directly with the engineering team, the Cybersecurity Software Engineer will act as a lead for all cybersecurity development aspects of a medical device product, oversee the cybersecurity analysis of any features and systems, the definition of the mitigation actions, and the implementation of the development plan, as well as the creation and maintenance of the related documentation. Exhibits a high level of cybersecurity skills, software development mastery, technical direction, planning, and vision. Ensures the established Quality Standard for documentation, software development, and Cybersecurity is applied thoroughly and consistently.

ESSENTIAL DUTIES & RESPONSIBILITIES:

• Work in a lead capacity as a member of an agile development team to develop secure embedded and application-level software for medical devices.
• Determine cybersecurity level of effort and its impact on the project feasibility & timeframe.
• Train the engineering teams on Cybersecurity best practices, policies, and documentation.
• Assist with defining software requirements, based on marketing collaboration and regulatory expectations, including those related to cybersecurity.
• Responsible for the cybersecurity analysis and related risk mitigation process.
• Direct interface with Project and Product Management.
• Design, code, and test software. Software development (includes new projects and maintenance projects) to be done per the established Quality System.
• Review the security architecture of existing and upcoming products.
• Create and maintain associated documentation, including cybersecurity deliverables.
• Support Product Management as needed for market acceptance testing.
• Report software development status to Project Management.
• Provide technical direction and/or mentoring of less-experienced software engineers.
• Identify and promote best practices for software development.
• Forge strong relationships across departments and other companies.
• Stay abreast of new technologies and developments in the embedded software engineering field.
• Directly support 3rd party development, including requirements, timeline of deliverables, debugging, integration and performance analysis.
• Lead by example.
• Insist on the highest quality in their own work and that of others.

SKILLS, KNOWLEDGE, AND LICENSE OR CERTIFICATE REQUIRED:

• Experience with cybersecurity analysis and risk mitigation, including safe coding practices, data flow diagrams, threat models, etc.
• Experience with cybersecurity expectations of medical device regulatory bodies (FDA, MDR, GDPR) highly desired.
• Medical product development experience desired.
• Knowledge of medical device quality system regulations and standards (e.g., U.S. FDA Quality System Regulation 21CFR Part 820, ISO13485, ISO9001, IEC 62304, ISO14971).
• Proven experience in leading development of two or more commercial applications or technologies.
• Experience with design documentation for software.
• Extensive knowledge of the Linux platform and tools (gcc, gdb, make, shell scripting, etc.) is required. Has proven experience with cross platform issues and is able to learn new platforms quickly.
• Experience working with RTOS, cross-compilers, and other technologies in embedded applications.
• Experience with microprocessor and embedded systems industry innovations and developments.
• Strong knowledge of Internet technologies, communication protocols, networking, network security, Hardware Security Modules, PKI, Transport Layer Security, and related techniques is required.
• Security certification (CSSLP, HCISPP, CISSP or similar) is highly desired.
• Excellent knowledge of current software development best practices, object-oriented design, SOLID, event-driven architecture, multimedia processing, interface design, localization, portability, extensibility, and testability.
• In-depth knowledge of C/C++ and associated debugging techniques.
• Excellent communication skills. Has forged relationships with development personnel throughout the company.
• Excellent project planning and estimating skills; drives projects and keeps them moving through daily obstacles; asks for additional assistance when appropriate.
• Self-motivated; works with minimal supervision.
• Enthusiastic about the company and about developing its high-quality medical products.
• Strong software design skills.
• Writes clear, maintainable, well-documented, portable code.
• Recognizes problems and offers solutions. Helps the group adapt to changing conditions.

PHYSICAL REQUIREMENTS:

• This position requires occasional lifting of test equipment such as a PC, monitor, camera, etc. up to approximately 30 lbs.
• The employee will also need to work in front of a monitor for extended periods of time.

EDUCATION/EXPERIENCE:

• BS/MS in Computer Science, Electrical Computer Engineering or related field with 8-10 years of experience in software development.

TRAINING REQUIREMENTS:

• Injury and Illness Prevention Program; annually - OSHA requirement.
• Quality System training.
• Job Specific - In house requirement.