Job Description :

Principal Product Cybersecurity Engineer (Lead)


  • Lead and perform product and device-oriented cybersecurity-related activities ranging from incident response to vulnerability assessments and mitigation implementation.
  • Defined and Implement vulnerability remediation, risk mitigation process and reporting
  • Implement remediation and mitigation of security vulnerabilities by applying network, server and application security controls
  • Develop and perform product-level intrusion detection activities
  • Lead product risk assessments in conjunction with product R&D teams and develop and recommend specific security controls for product/system wide security needs
  • Participate in the creation and testing of product security-related requirements and processes.
  • Manage security-related deliverables for regulatory bodies, ensuring compliance with key standards and regulatory requirements
  • Evaluate and test security risks on programs across the entire product development lifecycle, including market-released products
  • Support emerging cybersecurity certification initiatives
  • Lead application architecture reviews and threat assessments

Responsibilities may include the following and other duties may be assigned.

  • Performs technical planning, system integration, verification and validation, evaluates alternatives including cost and risk, supportability and analyses for total systems
  • Analyses are performed at all levels of total system product to include: concept, design, fabrication, test, installation, operation, maintenance and disposal
  • Ensures the logical and systematic conversion of product requirements into total systems solutions that acknowledge technical, schedule, and cost constraints
  • Performs functional analysis, timeline analysis, detail trade studies, requirements allocation and interface definition studies to translate customer requirements into hardware and software specifications

Relevant Skills / Experience

  • An undergraduate (bachelors) or graduate degree in computer science, electrical engineering, or similar discipline
  • CISSP or similar certification, or sufficient demonstrated experience and/or formal education in cybersecurity and information assurance
  • Minimum of 7 years of technical, cybersecurity-related experience, or advanced degree with a minimum of 5 years' experience
  • Demonstrated leadership and teamwork skills
  • Demonstrated ability to communicate complexity in a clear manner
  • Demonstrated experience interfacing with customers and other external stakeholders regarding cybersecurity system design and behavior
  • Demonstrated strong analytical, problem solving skills
  • Medical and/or IoT embedded device security and systems/stack experience
  • Strong knowledge of cloud systems architecture and security models (AWS/Azure)
  • Enterprise and local network infrastructure security
  • Experience in large-scale (Enterprise) application/security architecture design and code reviews, including penetration and vulnerabilities testing
  • Mobile device application architecture and security
  • Risk and threat assessments and cybersecurity regulatory requirements
  • Experience in static and dynamic code analysis tools and methodologies
  • Must have the ability to understand and analyze PCAP, CVSS, and MITRE
  • Expertise in Agile team settings and can work with at least one of the common frameworks
  • Experience in Healthcare and/or Medical Device industry or other heavily regulated industries
  • Understanding of national and international laws, regulations, and policies related to regulated medical device cybersecurity
  • Experience with container technologies such as Docker, Kubernetes, Mesos, or Open Container Initiative (OCI)
  • Demonstrated ability to develop and grow productive, trusting, and open relationships with a wide variety of constituencies and stakeholders

Required Skills : Threat Modeling Embedded or Medical Device
Basic Qualification : Firmware/bluetooth/IoT
Additional Skills : Firmware/bluetooth/IoT
Background Check :Yes
Drug Screen :Yes
Notes :
Selling points for candidate :
Project Verification Info :
Candidate must be your W2 Employee :Yes
Exclusive to Apex :No
Face to face interview required :No
Candidate must be local :No
Candidate must be authorized to work without sponsorship ::No
Interview times set : :No
Type of project :Development/Engineering
Master Job Title :Security Engineer
Branch Code :Minneapolis

Similar Jobs you may be interested in ..