Cybersecurity Engineer

Job Summary

The Cybersecurity Engineer, under minimal supervision, provides hands-on product security engineering, encompassing various aspects of medical device cybersecurity for devices with embedded and web applications. Actively engages in all stages of secure product development, with a particular emphasis on threat modeling, vulnerability analysis, and risk assessment. Contributes to the architectural design process to guarantee that security requirements are met. Supports the implementation of a comprehensive security testing strategy and assists in the formulation and execution of cybersecurity policy for medical device development and on-market medical devices.
• Salary Range: $119.000 - $130,000
• Position is eligible to participate in a bonus plan with a target of 8% of the base salary (include only if applicable to the grade level)
• Final pay determinations will depend on various factors, including, but not limited to experience level, education, knowledge, skills, and abilities.
• Our benefits and programs are comprehensive and thoughtfully crafted to ensure our colleagues live healthy lives and have support when it matters most. Benefits offered include a 401(k) plan with company contributions, paid vacation, holiday and personal days, employee assistance program, and health benefits to include medical, prescription drug, dental and vision coverage. Read more about our benefits here.
Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum.

Responsibilities

In compliance with September 2023 FDA guidance, “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions”, the following activities will be performed

• Threat modeling
• Vulnerability analysis and risk estimation
• Risk evaluation
• Vulnerability prioritization
• Security risk control assessment
• Development and execution of security test strategy
• Review product cybersecurity standard operating procedures and provide pragmatic recommendations for continuous process improvements to maintain compliance with global regulatory standards and agency regulations
• Provide cybersecurity guidance to the broader product development team to ensure uniform adherence to industry best practices across all product designs and processes

Requirements

• Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity or related Engineering degree

• Experience or in-depth knowledge of FDA regulatory requirements for cybersecurity in medical devices

• 5+ years of experience in performing cybersecurity activities

• Experience in application of cybersecurity to embedded medical device software and/or web applications

• Expected to be abreast of rapidly evolving cybersecurity landscape and applicability to medical devices

• Must possess excellent written and verbal communication skills

• Experience in the planning and execution of Cybersecurity Penetration testing.

• Experience in Software Composition Analysis.

Additional Information

We offer an excellent salary and benefits package including medical, dental and vision coverage, as well as life insurance, disability, 401K with company contribution, and wellness program.

Fresenius Kabi is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship, immigration status, disabilities, or protected veteran status.