principal product security engineer - medtech.

• danvers , massachusetts

• posted march 13, 2024

job details

summary

• $60 - $75 per hour

• temp to perm

• bachelor degree

• category computer and mathematical occupations

• reference1045321

job details

job summary:

One of our Massachusetts clients is looking for a Product Security Analyst to join their Product Security team to help ensure security is implemented by design for this top-performing medical device company. You will own the Product Security process that includes both pre-market and post-market processes engineering teams leverage throughout the product development lifecycle.

Hyrbid Remote/Onsite Danvers, MA

Required

• Bachelor's degree or equivalent work experience.

• 5-7 year's industry experience in Information Security.

• Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).

• Experience with security risk management techniques.

• Experience working in a regulated environment, FDA-regulated preferred.

(Medtech experience is a must have)

location: Danvers, Massachusetts

job type: Contract

salary: $60 - 75 per hour

work hours: 8am to 5pm

education: Bachelors

responsibilities:

• Being at the office in Danvers MA for a minimum of 3 days per week.

• Partner with engineering teams (cloud, console, pump, etc.) to drive successful adherence to product security policies, processes, program objectives.

• Create, update, and improve product security processes.

• Act as a SME on cyber security matters and provide guidance to development teams.

• Advocate for proactive inclusion of cyber security input into all phases of the product life cycle, process improvements, CAPAs, strategic product road map planning.

• Deliver documentation for pre-market product development activities including security plans, architecture diagrams, data flow diagrams, threat models, security requirements, Design for Security, SBOM, and risk management documentation.

• Drive and monitor and post-market vulnerability management activities, with adherence to strict timelines.

• Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc.

• Identify, research, evaluate, and integrate new compliance requirements, industry standards, and best practices into the product security programs.

• Guide teams to make decisions that balance business needs with medical device security objectives.

• Work across organizational boundaries and exhibit empathy with customers, both internal and external.

Required

• Bachelor's degree or equivalent work experience.

• 5-7 year's industry experience in Information Security.

• Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).

• Experience with security risk management techniques.

• Experience working in a regulated environment, FDA etc.

(Medtech experience is a must have)

qualifications:

• Experience level: Experienced

• Minimum 5 years of experience

• Education: Bachelors

skills:

• Network Security

• Network SecurityEqual Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).Applications accepted on ongoing basis until filled.