Sr II - Embedded Product Security Engineer (US, Remote)

Requisition ID: 65592 Title: Sr II - Embedded Product Security Engineer Salary Range: Salary Minimum: $115,000 Salary Maximum: $190,000 Seeking Embedded Software Engineers with an interest in cybersecurity wanting a career that positively impacts people lives!! Arthrex is a global medical device manufacturer, and our mission is Helping Surgeons Treat Their Patients Better™. The right candidate for this role will have some experience securing and pen-testing embedded or IoT devices along with a background in electrical engineering or software system design. As our Sr II Embedded Product Security Engineer, your day-to-day would be assisting our product design and development teams in securing connected and IoT medical devices. You would take part in architecture reviews, grooming product security requirements, testing for vulnerabilities, and documenting the steps of our Secure Product Development Framework for use in regulatory submissions around the globe. You will have the opportunity to attend training for security certifications and go to events like H-ISAC Conferences, DEF CON, and Black Hat. And of course, you would get to help secure cutting-edge technology that has a positive impact in society! Main Objective: Responsible for product software and hardware design implementations from a cybersecurity perspective, and identifying and resolving security issues, including the appropriate security analysis, defenses, and countermeasures at each phase of the product lifecycle, to result in robust and reliable products. Essential Duties and Responsibilities:

• Designs security architecture of components or functional systems and modifies existing designs to develop or improve products.
• Recommends alterations to development and design to improve the security of products and/or procedures.
• Contributes to a broader design perspective and considers how an application interacts with the underlying infrastructure or external resources.
• Develops threat scenarios and designs responses for associated vulnerabilities to mitigate risk.
• Maintains design history file for assigned projects, adhering to Arthrex design control procedures.
• Determines the necessity of security testing and initiates testing of assigned products.
• Provides Regulatory department technical support for assigned projects as needed.
• Supports Marketing and Product Management with technical information to be used for training and marketing of assigned products.
• Supports Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
• Supports surgeon and distributor customers in the sales process by educating and demonstrating security-focused aspects of assigned products as needed.
• Partner with Legal, Compliance, Privacy, and Information Security departments to ensure products and staff comply with required laws, regulations, and policies.
• Reports progress and status of assigned projects on a timely basis.
• May be required to travel; International travel may be required.

Knowledge:

• Complete understanding and application of principles, concepts, practices, and standards. Full knowledge of industry practices.

Skills:

• Knowledgeable of System and Software Development Processes and Lifecycles required.
• Knowledgeable of application security best practices required.
• Knowledgeable of FDA and ISO guidelines for the development of medical devices required.
• Experience leading strategic discussion that addresses both business and technical risks required.
• Proficiency in the development of threat scenarios and risk mitigation techniques required.
• Proficiency in the use of the privacy by design principle required.
• Strong Project management and communication skills preferred.
• Experience in web application security and controls concepts preferred.
• Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred.

Education/ Experience:

• 8 years of related experience
• Bachelor’s degree required preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity

Arthrex Benefits

• Medical, Dental and Vision Insurance
• Company-Provided Life Insurance
• Voluntary Life Insurance
• Flexible Spending Account (FSA)
• Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
• Matching 401(k) Retirement Plan
• Annual Bonus
• Wellness Incentive Program
• Gym Reimbursement Program
• Tuition Reimbursement Program
• Trip of a Lifetime
• Paid Parental Leave
• Paid Time Off
• Volunteer PTO
• Employee Assistance Provider (EAP)

All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law. Apply tot his job Apply To this Job