Device Security Engineer

The Device Security Engineer is a cybersecurity specialist responsible for ensuring the security and integrity of critical healthcare technology. This role involves analyzing software and hardware for vulnerabilities, creating secure maintenance instructions, collaborating with product development teams, conducting vulnerability assessments, and supporting incident response efforts.

Key Responsibilities

• Implement security controls for embedded software in STERIS products and related applications.
• Develop and maintain Software Bill of Materials (SBOM), track vulnerabilities, and coordinate remediation with product teams.
• Assist in product security risk assessments, requirements analysis, and test method development.
• Execute product security testing, including planning, test case creation, and procedure development.
• Perform vulnerability assessments and network port scanning.
• Identify and remediate software security vulnerabilities in collaboration with product teams.
• Participate in cybersecurity improvement projects, tools, and practices.
• Respond to cybersecurity questionnaires from customers.
• Create and update FAQs, white papers, and knowledge articles based on common customer queries.
• Perform other related duties as assigned.

Required Qualifications

• 2-3 years of direct experience in cybersecurity, including risk assessments and security testing.
• Knowledge of cybersecurity principles, software engineering, and software development lifecycle.
• Proficiency in programming languages such as Python, C/C++, C#, and Java.

Preferred Qualifications

• Experience with vulnerability scanning tools and threat intelligence services.
• Familiarity with threat modeling tools and penetration testing.
• CISSP or equivalent security certification.
• Knowledge of Windows and Linux operating systems and configurations.

Skills & Competencies

1. Strong team player with ability to collaborate across multiple locations.
2. Interest in advanced security techniques, standards, and practices.
3. Knowledge of vulnerability assessment techniques and cyberattack defenses.
4. Strong communication and problem-solving skills.
5. Experience developing applications for multiple operating systems.
6. Understanding of IoT and related solutions.

• Bachelor s degree in Computer Engineering, Computer Science, Software Engineering, or Cybersecurity.

• Hybrid work model:

  In-office on Monday, Wednesday, and Friday.

• Working Time:

  2 PM IST to 11 PM IST

• Work Location

  : Pune