Location : San Jose, CA 95131
Duration : 12 months
***********ONLY ON W2***********
- As a member of the product security team, the Staff Engineer – Product Security will be responsible for working with software development teams to assess potential security vulnerabilities using recognized security standards and provide recommendations on resolving them. They must also have knowledge of operating systems as well as techniques and standards for security hardening (NIST SP 800-53, ISO/IEC 27001, OWASP, etc.).
- Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance to product development software engineers.
- Implement software and OS security solutions in accordance with industry accepted standards for medical devices including: encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
- Develop and administer software engineering procedures and training for vulnerability scanning and static code analysis tools.
- Implement systems for automated testing of software vulnerabilities and verification of OS security patches.
- Assist product development teams in creating security documentation including Incident and Vulnerability Management Plans and Product Security White Papers.
- Participate on product security incident response teams as appropriate.
- Participate in technical design reviews and code inspections and provide clear, actionable feedback for project team members, including demonstrating proper coding practices.
- Work with the project teams to develop necessary requirements, specifications and testing scope for OS configuration and patch verification for products.
- Ensure quality in security test deliverables, including design, data summary and interpretation, report and document preparation and review for adherence to applicable regulations
- Minimum of a Bachelor’s Degree in Electrical Engineering, Computer Science or related engineering field.
- Minimum of 5 years of experience in software development.
- Minimum of 5 years of experience in product development within a quality management system.
- Minimum of 3 years of experience in secure coding practices.
- Knowledge of Windows networking fundamentals and experience with TCP/IP and sockets.
- Demonstrated positive work ethic with a strong commitment to achieving project goals.
- Excellent written and oral communication skills are essential.
- Experience with the Agile / Scrum development lifecycle. Preferred
- 2 years of experience developing with C# and .NET frameworks.
- 2 years of experience in medical devices / regulated environment.
- Experience with configuration and use of static code analysis and vulnerability scanning tools.
Aashiq | Recruiter | Email: firstname.lastname@example.org
Direct:678-783-7419|Work: 404 315-1555 Ext. 602 | Fax: 678-302-4488
Softpath System LLC | 3985 Steve Reynolds Blvd | Bldg C Norcross GA 30093