Product Security Staff Engineer

The Product Security Principal Architect at Stryker plays a crucial role in collaborating with product development teams to implement effective security controls during the digital systems development processes. Responsible for shaping the security of Stryker products before market release, this professional guides teams to prioritize Security by Default, ensuring product resilience in the marketplace. Key responsibilities of this role include generating threat models with risk scoring, identifying and implementing security controls at various stages of product development, providing oversight during verification and validation, and supporting security investigations and responses post-market launch. **What You Will Do:** **Technical Responsibilities:** - Assess security risks and influence design decisions for new and evolving products to ensure they are secure by design. - Lead the development of threat models to address product risk related to security. - Define security requirements for new or evolving products. - Collaborate with product teams to address security issues and vulnerabilities identified through security tooling. - Assist product security incident response teams in effectively responding to and documenting security incidents. - Summarize security concepts used in product requirements, design, and build phases for internal and external communications. - Provide guidance on product security to internal taskforce teams. **Knowledge and Capabilities:** - Stay informed on security standards and guidelines from regulatory bodies such as FDA, NIST, ISO, and IEC. - Apply security control frameworks, threat modeling, and vulnerability severity scoring to secure products effectively. - Experience in designing secure products within the IoT ecosystem that includes embedded devices, clouds, and mobile devices. - Stay updated on vulnerabilities and exploits that may impact Stryker's ecosystem across various computing areas. **What You Will Need:** **Basic Qualifications:** - Bachelor's Degree in product security, computer science, mathematics, statistics, or related field. - Minimum of 8 years of relevant (product) security work experience. **Preferred Qualifications:** - Master's degree in a security-related discipline. - Knowledge of quality management systems in healthcare, medical device, or cyber-physical industries. - Experience implementing secure technologies in embedded devices, clouds, and mobile devices, including transport and communication protocols. - Possession of one or more active, industry-recognized cybersecurity certifications. Stryker, a global leader in medical technologies, is committed to enhancing healthcare outcomes through innovative products and services in MedSurg, Neurotechnology, Orthopaedics, and Spine. With a focus on making healthcare better, Stryker positively impacts over 150 million patients worldwide annually.,