5.0 - 10.0 years

0 Lacs

ahmedabad, gujarat

On-site

As a Senior Security Engineer specializing in Medical Device Cybersecurity & Compliance, you will play a crucial role in driving end-to-end cybersecurity integration throughout the product development life cycle. Your primary responsibility will be to ensure that security measures are seamlessly integrated from the initial concept phase to the final product release. You will be tasked with developing and maintaining cybersecurity protocols for medical products, which will involve creating security requirements specifications, conducting risk assessments, building threat models, and documenting product security architecture. Additionally, you will be responsible for performing gap assessments to evaluate compliance with standards such as IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97, and implementing necessary remediation measures. A key aspect of your role will involve conducting hands-on vulnerability assessments, penetration testing, and secure code reviews for embedded devices, components of the Internet of Medical Things (IoMT), and connected systems. Collaboration will be essential, as you work closely with development, compliance, and regulatory teams to ensure that product security measures align with internal policies and external regulatory expectations. You will also be involved in activities such as SBOM management, software supply chain risk evaluations, and third-party component analysis to enhance software transparency and mitigate potential risks. Your expertise will be crucial in advising on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and the cloud-based connectivity of medical systems. Furthermore, you will contribute to the development of incident response strategies and leverage your knowledge of regulations like HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific concerns. Your role will also involve enhancing internal secure development processes, tools, and methodologies, while promoting security best practices within product teams. To excel in this position, you should have a minimum of 6 years of cybersecurity experience, with at least 3 years dedicated to medical devices, embedded systems, or IoT security. Your ability to author security designs, define technical requirements, and document security architectures aligned with regulatory requirements will be critical. Hands-on experience in embedded system security, familiarity with relevant standards, and expertise in vulnerability management and penetration testing are essential for success in this role. Your problem-solving skills, critical thinking abilities, and aptitude for leading gap analysis and remediation activities in regulated environments will be invaluable. Strong collaboration skills and the capacity to influence cross-functional teams, including R&D, compliance, and product management, will also be key to your success in this challenging and rewarding role.,

Posted 1 week ago

Apply

Senior Security Engineer - Vulnerability Assessment SEMI LEAF

5.0 - 9.0 years

0 Lacs

pune, maharashtra

On-site

You will be responsible for driving end-to-end cybersecurity integration across the medical device product development life cycle, ensuring that security is incorporated from the initial concept to the final release. Your role will involve developing and maintaining cybersecurity measures for medical products, including creating security requirements specifications, conducting risk assessments, building threat models, and documenting product security architecture. You will conduct comprehensive gap assessments to assess compliance with standards such as IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97, and implement necessary remediation measures. Additionally, you will be involved in performing hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT components, and connected systems. Collaboration with development, compliance, and regulatory teams will be a key aspect of your role to ensure that product security measures align with internal security policies and external regulatory expectations. You will also support Software Bill of Materials (SBOM) management, conduct software supply chain risk evaluations, and analyze third-party components to ensure software transparency and mitigate risks effectively. Your expertise will be utilized in providing guidance on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems. You will also contribute to the development of incident response strategies and leverage your knowledge of HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific regulatory concerns. Furthermore, you will play a role in enhancing internal secure development processes, tools, and methodologies continuously, while promoting security best practices within product teams. Your input and efforts will be instrumental in ensuring the cybersecurity readiness and resilience of medical devices throughout their lifecycle.,

Posted 2 weeks ago

Apply

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.