Hi,
Hope your are doing good. Please share me profiles to [email protected] <[email protected]> *Role – Cyber Security Engineer* *Location: **Burlington, MA* *6+ Months* *Mandatory skills*: *Position Summary:* *Software Engineer- Cybersecurity* to join our team. In this technical role, you will be a critical contributor in the development and deployment of software solutions to support our development programs and building compelling products within Abbott’s HF Division. Under the guidance and direction of an experienced engineer, you will perform cybersecurity work within our R&D division by improving software, testing, tools, and processes and preventing security threats to medical products and systems. Additionally, you will participate in all phases of the software lifecycle, including concept development, requirements, design, implementation, and testing. *Primary Responsibilities:* · Optimize product/system security by creating and reviewing software architecture and detailed design solutions that reflect best practices. · Identify and implement software improvements needed to effectively protect against and respond to known and emerging cybersecurity threats. · Perform or support security testing such as penetration tests, fuzz testing, and internal/external audits. Coordinate remediation as necessary. · Work with Software Development, Systems Engineering, Product Security, and other stakeholders to develop cybersecurity controls. · As a team member, contribute significantly to completion of various project activities, from definition, identifying software functional requirements, implementation, code reviews, and final release according to medical device development processes *Required Qualifications: * · Bachelor’s Degree in Engineering (Computer, Electrical, Computer Systems, Systems, or Software), Computer Science, or related discipline · 1-3 years of cybersecurity engineering, software engineering design and development, or systems administration experience · Experience in assessing and remediating cybersecurity vulnerabilities · Demonstrated knowledge and experience working with Java, Microservices, C++, Python, Perl, or Shell · Experience with OpenSSL, TLS mutual authentication, digital signatures, certificate management · Previous experience working in a regulated industry such as automotive, aerospace, healthcare, or defense · Excellent verbal and written communication skills, with ability to communicate to all levels of the organization · Work with Client Security team to understand policies and processes associated with on premise services. Clear understanding of expectations based on hosting location. · Work with CLIENT Security team to identify and understand policies and processes with solutions cloud hosted. Clear understanding of expectations based on hosting location. · Evaluate current on prev/existing architecture to determine alignment and gaps based on identified policies provided by CLIENT Security team which should align to security, regulatory, compliance, etc… · Understand core security services offered by internal service providers based on hosting models and defined policies. · Identify requirements for cloud hosted solutions regardless of implementation method based on industry based best practices. Should be based of threat models and risk based approach. · Review base architecture and services offered as part of the default cloud footprint provided by corporate services. · What capabilities from incident and security incident response process does Client have today? How can that be leveraged in cloud scenarios? · Work with infrastructure to understand what technology services are applied to on prem and cloud solutions as part of the Corporate IT services. · Establish or refine security incident management process. Should consist of a “playbook” with defined plays based on exploit. If available, should utilize established process and modify based on solution and scenarios. · Review the current SDLC process specifically around security (static and dynamic) scanning to ensure alignment with best practices. Recommendations on go forward changes to process. · Identify identity requirements while working with Systems Team given the proposed solution and assumed localization requirements. Should include but not limited to Data sovereignty requirements, · Provisioning and de-provisioning requirements, Self service capabilities and requirement around association. · Metadata requirements for identity types · Review current vulnerability and penetration test capabilities and processes and make recommendations on changes to support cloud hosted solutions in alignment with identified best practices. *Preferred Qualifications:* · Master’s Degree in Engineering (Computer, Electrical, Computer Systems, or Software), Computer Science, or related discipline · Experience in Linux system administration on RHEL or similar distributions · Well versed in FDA Cybersecurity Guidance, GDPR, and NIST · Familiar with DISA STIG assessment and implementation for Linux and/or Windows systems · Knowledge of secure programming practices · Experience in threat modeling, cybersecurity risk assessment, or Off The Shelf Software (OTS) assessment · Cybersecurity certification such as CISSP, CSSLP, or similar · Knowledge of 62304 and other standards applicable to Class II and Class III medical devices Regards, *Md.Khazababu* Recruiter 3*S* Business Corporation Inc(*3SBC*) P: 281-823-9222 Ext 518 | F: 281-823-9225 Email: [email protected]| <[email protected]%7C> www.3sbc.com Hangouts – [email protected] <[email protected]%7C%20Skype> *3S Business Corporation Inc. 11271 Richmond Ave, Suite # H107, # H108 Houston, Texas. 77082* -- You received this message because you are subscribed to the Google Groups "Android Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/android-discuss/CAKPjPOQgmtRKH_j5GgrZY6L8Vm-%3DtBSsGKxhoudGH5caWJgx0w%40mail.gmail.com.
