Lead Engineer – Product Security Representative
Job details
Job description, work day and responsibilities
Job Requirements
Company: Quest Global
Job Category: Med Tech and Healthcare
We are seeking a highly skilled and experienced Product Security Representative to join our team at Quest Global. As a Lead Engineer, you will play a crucial role in product security activities for our Med Tech and Healthcare projects.
Roles and Responsibilities:
• The Product Security Representative (PSR) will be responsible for ensuring the security and compliance of software products
• Provide security guidance to product teams and assist in identifying and mitigating security risks in the development process.
• Respond to security incidents, conduct investigations, and communicate findings to relevant stakeholders.
• Stay current with industry trends and emerging threats and advise product teams on how to address these risks.
• Communicate security information to stakeholders, including customers and other relevant parties.
• Collaborate with other security teams within the organization, such as the Information Security team, to ensure alignment with the overall security strategy of the company.
• Respond to audits and work with the Product Security Leader to ensure compliance with relevant regulations and standards, including FIPS, STIG, GDPR, and HIPAA.
• Design secure applications and provide guidance on secure application design, with a good understanding of software design principles.
• Model security threats and mitigate them to ensure the protection of Personal Identifiable Information (PII) and Personally Health Information (PHI) being transferred using DICOM.
• Possess a strong understanding of HL7 and experience working with it in the healthcare domain.
Work Experience
Required Skills:
• Bachelor’s degree in computer science, Information Security, or a related field.
• 8-10 years of experience in product security, with a focus on software security.
• Strong understanding of secure coding practices, including experience with C++, Java, Go and Python– Mandatory
• Experience in handling security assessment of Kubernetes, Microservice based architecture.
• Experience with security and compliance standards, including FIPS, STIG, GDPR, and HIPAA.
• Familiarity with OWASP vulnerability analysis, CVSS scoring and mitigation methodologies.
• Excellent communication skills, both written and verbal, and the ability to effectively communicate security information to both technical and non-technical stakeholders.
• Strong problem-solving and analytical skills, and the ability to think critically and creatively.
• Ability to work effectively in a fast-paced and dynamic environment, and to prioritize and manage multiple tasks and projects.
• Experience in working with Agile.
• Good communication and presentation skills.
Desired Skills:
• Experience in developing software applications for Medical Devices domain CT, XR, MR, Common Platform, DICOM standard and IHE standards.
• Cybersecurity certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar certifications are desirable.
Ability to explore large code base and understand architecture and design
The position is suitable for candidates with education
This position is suitable for fresh graduate
Company address
You will be redirected to another website to apply.
Offer ID: #1137454,
Published: 4 days ago,
Company registered: 3 months ago
