Geplaatst op: 17-08-2018 | Solliciteren voor: 01-01-2019
Within the R&D department at BD Kiestra in Drachten, the Software Engineering department is responsible to develop and verify software designs. Within the Software Engineering department, four teams of functional expertise exist:
- Common Design
- Application Design
- IT and Front End Design
- SW Verification
The Product security engineer is part of the IT and Front End team. His/her key purpose is to assist the engineers of the whole department in implementing and maintaing the product security framework supporting existing and future medical instrumentation and software.
The Product security Engineer works in closed collaboration with the Product Security Office.
THIS IS A POSITION BASED IN THE NORTH OF THE NETHERLANDS
YOU MUST BE ELIGIBLE TO WORK IN THE NETHERLANDS WITHOUT ADDITIONAL SPONSORSHIP
Duties and responsibilities
Implement system and network hardening measures on new and current medical instruments.
Lead all third-party patch management activities from verification to deployment to the Service organization.
Assist product development teams with implementing software security solutions in accordance with industry accepted standards for medical device security including: secure coding standards, encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
Assist in security risk assessments, hazard analysis, and vulnerability remediation guidance.
Interface with other technical departments such as Penetration Testing Team, Systems, Hardware Engineering, Quality, and Service.
Assure adherence to BDDS development policies and software quality procedures.
Education and experience
Bachelor's or Master’s degree in Computer Science or a related technical field
Minimum of 3 years of relevant work experience in cyber security
Candidate for or certification in InfoSec Security are a plus, e.g., CISSP, CSSL
Knowledge and skills
Network protocols and secure network design
Operating system internals and implementing system hardening (e.g. on Windows 10, Windows Server 2016).
Security compliance and vulnerability scanning tools such as Tenable/Nessus
Demonstrated understanding of working in a regulated environment and adhering to a quality management system
Excellent written and oral communication skills in English
Willingness to learn and explore
Nice to have:
Coding experience in modern programming languages
Experience with static code analysis tools
For more information, please contact Richard van der Vegt (recruiter) via firstname.lastname@example.org