Junior to Middle Healthcare Cybersecurity (IRC260005)

Description

Department / Project Description
You will become a part of the fast-growing business vertical and will have the opportunity to participate in the creation of a series of innovative solutions for MedTech, HealthTech and Pharma sub-domains.

Requirements

Mandatory requirements:

• Minimum of 2 years of product security experience in the medical device industry either directly for a medical device manufacturer or for a product security services organization providing consultative services to the manufacturer.
• Experience working with standards such as ISO 13485, ISO 14971, IEC 62304, NIST 800-30, NIST 800-53, AAMI TIR 57, UL 2900-2-1, IEC 62443.
• Understanding of the cybersecurity requirements of international regulations and guidance documents, including FDA Premarket Guidance for Cybersecurity of Medical Devices, MDR, IVDR, etc.
• Background in leveraging industry standard threat modeling and risk management frameworks.
• Background in penetration testing or leading pen testing engagements with third party organizations.
• Practical knowledge of Agile and agile-based methodologies
• Degree in computer science, software engineering, or cybersecurity

Optional:

• Experience advising on or writing cybersecurity SOPs for Quality Management Systems
• Experience with regulatory submission process
• Experience leading cross functional teams to incorporate cybersecurity across product engineering, Quality, Regulatory, IT, and other business functions
• Experience in working with embedded systems, cloud enabled systems, and IoT systems

Job responsibilities

Job Responsibilities:

 – Participate in business development and pre-sales activities within Healthcare Life Sciences vertical, such as creation of industry offerings, preparation of technical proposals, participation in industry conferences.
 – Collaborate with delivery and other functions within GlobalLogic for identifying demands, skills/training gaps, opportunities for innovation, and productization of cybersecurity offerings.
 – Participate in starting new Client engagements, facilitate project initiation and execution activities as SME:

• Design, implement and govern security solutions architectures for robust healthcare software solutions: cloud platforms, user applications, medical devices and IoMT solutions.
• Support and coordinate security assessments, risk analysis, and threat modeling to identify vulnerabilities and develop proactive mitigation strategies.
• Collaborate with engineering and development teams to integrate security into system designs, software development, and cloud infrastructure by following security-by-design best practices.
• Train delivery staff on risk assessment, threat modeling, security best practices (pre & post market requirements), testing requirements, security monitoring. regulatory requirements, etc.
• Support the definition and enforcement of security policies, standards, best practices and cyber security architecture frameworks across the organization.
• Participate in industry working groups, technical advisory groups in order to monitor the evolving threat landscape, trend development & promote GL Thought Leadership.
• Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, HIPAA, ISO 27001, NIST, IEC 62443, UL 2900-2-1).