Sr Product Security Engineer
Varian Medical Systems
Daettwil, Switzerland
vor 1 Tg.

We're driving toward the ultimate victory : a world without the fear of cancer.

The Sr Product Security Engineer will be a member of the Product Security team with the objective to ensure that Varian Medical Systems (VMS) products are protected from cybersecurity threats throughout the entire life-cycle.

Your focus will be first and foremost on connected medical device and its innovation. You work with VMS Treatment Delivery & Imaging System (TDIS) teams to deliver expert architecture design and offer hands-on technical collaborations.

You work day-to-day with engineering teams to build Security & Privacy into Varian product lifecycle (pre-market & post-market).

For our DevSecOps tool sets (e.g. SAST, vulnerability scanning), you optimize the rule sets to enable actionable alerts.

You build and mature the reporting and alert management framework for meaningful metrices across VMS portfolio. You participate and lead the cybersecurity incident response and complaint investigation process for Varian products.

You drive effective cybersecurity risk remediations in the field (e.g. install base).

Your extend your support to VMS software portfolio to ensure security & privacy alignment across innovation initiatives.

The Sr Product Security Engineer will be a member of the Product Security team with the objective to ensure that Varian Medical Systems (VMS) products are protected from cybersecurity threats throughout the entire life-cycle.

Your focus will be first and foremost on connected medical device and its innovation. You work with VMS Treatment Delivery & Imaging System (TDIS) teams to deliver expert architecture design and offer hands-on technical collaborations.

You work day-to-day with engineering teams to build Security & Privacy into Varian product lifecycle (pre-market & post-market).

For our DevSecOps tool sets (e.g. SAST, vulnerability scanning), you optimize the rule sets to enable actionable alerts.

You build and mature the reporting and alert management framework for meaningful metrices across VMS portfolio. You participate and lead the cybersecurity incident response and complaint investigation process for Varian products.

You drive effective cybersecurity risk remediations in the field (e.g. install base).

Your extend your support to VMS software portfolio to ensure security & privacy alignment across innovation initiatives.

Responsibilities :

  • Integration of cyber-security considerations into product design, implementation, review, update, and EOL management
  • Assume thought leadership to step outside the box, identify and implement solutions to effective address common security & privacy challenges in connected Medical Devices (HW)
  • Monitor product cyber-security threats and vulnerabilities, perform planned and on-demand Cybersecurity Risk Assessment ;
  • work with engineering teams to design and prioritize mitigating solutions

  • Plan and coordinate comprehensive security assessments (e.g. Product Penetration Testing ), analyze and report results, design, and direct remediation;
  • support interactions with Customers or other external bodies as necessary

  • Direct and improve the security of workflow and tools used in providing services (e.g. installation, trouble-shooting, remote access) and product support (e.
  • g. MICAP standardization and updates); define the standard security settings (as default) in products and solutions based on hardening standards

  • Coach stakeholders from project managers, developers, SW architects, system engineers, service and support engineers, and operations team on methods and frameworks for building, servicing, and supporting secure products and solutions
  • Continuously maintain expertise and Information as well as Product Security by participating in Industry forums, conferences and training events
  • Provide hands-on technical support expertise in general SW design and development , system engineering, IT and networking as necessary
  • Maintain complete confidentiality of company and customer intelligence acquired at job.
  • Requirements :

  • Prefer candidates with a deep knowledge of firmware security
  • Prefer candidates with experiences in microservices and kubernetes
  • Excellent communication and teamwork skills, with fluent written and spoken English.
  • Bachelor’s degree in software engineering, computer science or related discipline.
  • 3 years professional work experience developing and testing software or hardware products.
  • Experience with Java or C# / .NET or C++ programming.
  • Experience with web programming and technologies.
  • Experience with SQL Server or similar database systems.
  • Experience doing formal verification testing
  • LI-OS1

    We're unleashing the power of technology and human ingenuity to achieve new victories in the fight against cancer. Join us and have a global impact.

    Bewerben
    E-Mail
    Wenn ich auf "Fortfahren" klicke, gebe ich neuvoo das Einverständnis, meine Informationen zu speichern und mir wie in den Nutzungsbedingungen und Datenschutzbestimmungen beschrieben, personalisierte E-Mail Alerts zu schicken.
    Fortfahren
    Bewerbungsformular