Bio-Rad is a global leader in developing, manufacturing, and marketing a broad range of innovative products for the life science research and clinical diagnostic markets. With a focus on quality and customer service for over 65 years, our products advance the discovery process and improve healthcare. The cybersecurity product engineer is a hands-on contributing role.
Assist in the design and management of medical devices/instruments and the cloud-based platforms that support them. This position will work on application security design specifications, performing penetration testing, vulnerability scanning, source code scanning, and source code review on medical devices and cloud services. This hands-on position will assume a key role in the Information Security team within Bio-Rad’s Global Information Security & Data Privacy team and will report to the Director of Global Information Security and Data Privacy.
This position is eligible for a $15,000 HIRING BONUS:
- Bonus offered for a limited time only.
- Bonus applicable to specific positions as labeled.
- Bonus recipients must be employed at the time of payout.
- Bonus payout after 30 days of employment with Bio-Rad.
- Bonus offered to direct hires only. Agency hires and internal transfers are not eligible.
- 12-month repayment clause.
Responsibilities
- Perform penetration testing on medical devices and cloud-based products across multiple global medical devices.
- Work with developers/product owners to remediate the findings and provide verification of remediation.
- Perform feasibility testing on security programs.
- Performs industry and technology research on cybersecurity best practices.
- Monitor and communicate the latest cyber threats.
- Collaborate with product team Architects and Design teams on addressing cybersecurity risks/vulnerabilities.
- Identifies tools and activities to ensure efficient coverage of cyber vulnerabilities and threats within our products.
- Assist R&D teams in using various cybersecurity tools for vulnerability assessments and source code scanning.
- Influences and guides the team to adopt software code security and security code analysis with tools like Veracode.
- Performs cyber security activities to ensure acceptable adherence to latest cyber security standards.
- Own and maintain product cyber security threat modeling in collaboration with the product teams.
- Maintain knowledge of all cyber-related regulations:
  - NIST Framework.
  - FDA: Premarket Submissions for Software Contained in Medical Devices; Postmarket Management of Cybersecurity in Medical Devices.
  - Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software.
- Active role in the definition and evolution of cybersecurity standard practices and procedures.
- Assist R&D teams with developing threat modeling of medical devices.
- Work on Proof of Concepts (POC) for new cloud security technologies.
- Assist product development teams with security guidance and expertise. Review risk assessment documentation for conformance to a set of security requirements. Prepare MDS2 reports for new and existing devices.
- Write technical assessments based on analysis of hardware and software designs.
- Monitor and analyze security alerts/logs and information.
Qualifications
- Bachelor’s degree in Computer Science, Computer Engineering or other related discipline; equivalent experience may be acceptable.
- Knowledge of cryptography technologies.
- Proficient with common security tools (Veracode, Metasploit, Nexpose, Nessus, Burp Suite, Nmap, Netcat, Hping3).
- Can comprehend specifications, architectural and high-level design, functional specifications, and source code.
- Articulate medical device cybersecurity risk for business and clinical purposes.
- Contribute to the development of content for the risk registry.
- Review, analyze, and report on emerging technologies and their effect on the cybersecurity posture of Medical Devices.
- Develop cybersecurity requirements for various medical devices.
- Provide cybersecurity design recommendations for various products and technologies.
- Contribute to the design, requirements, implementation, assessment, and support of advanced and diverse cybersecurity technical solutions that address complex business requirements and medical device security.
- Serve as a cybersecurity subject matter expert for various projects.
- Proficient in written and verbal communication.
- Ability to multitask and work on multiple projects.
- Three to five years’ experience working with product related cloud services.
- Familiar with open-source technology, software development and scripting languages.
- Security certifications such as CISSP, OSCP, CCSP, CEH, GIAC a plus.
- Excellent knowledge of Information Security standards, frameworks, and best practices for large corporate environments.
- Experience managing information security in a medical devices manufacturing environment is preferred.
- Direct experience with FedRAMP, NIST, UL certification, FDA, Safe Harbor, GDPR and other security and privacy governance is preferred.
Vaccination Requirement:
Due to the higher threat of more infectious and deadly COVID-19 variant strains emerging, Bio-Rad has a mandatory vaccination policy requiring its US employees to be fully vaccinated against COVID-19 as a condition of employment. New hires will be asked to upload their vaccination card into our electronic database hosted by ClearPass, which specializes in securing electronic medical information, within 3 days of their start date. With this policy, Bio-Rad joins a growing list of companies that are prioritizing sound science and available facts to best ensure the ongoing safety of its employees and the community.
About Bio-Rad:
Bio-Rad is a global leader providing a broad array of clinical diagnostics and life science research products. With a team of more than 8,000 employees and a global network of operations serving our customers, we help people live longer, healthier lives.
Bio-Rad was founded over six decades ago and has continued to provide the healthcare industry with innovative and useful products that help life science researchers accelerate the discovery process and medical diagnostic labs obtain faster, better results.
EEO/AA Employer/Veterans/Disabled/Race/Ethnicity/Gender/Age
Agency Non-Solicitation:
Bio-Rad does not accept agency resumes, unless the agency has been authorized by a Bio-Rad Recruiting Representative. Please do not submit resumes unless authorized to do so. Bio-Rad will not pay for any fees related to unsolicited resumes.
More Information
- Address Hercules, CA, USA
- Salary Offer $100.000 ~
- Experience Level Junior
- Total Years Experience 5-10