Middle Healthcare Cybersecurity Offline

Mandatory requirements:

• Minimum of 5 years of product security experience in the medical device industry either directly for a medical device manufacturer or for a product security services organization providing consultative services to the manufacturer.
• Strong experience working with standards such as ISO 13485, ISO 14971, IEC 62304, NIST 800-30, NIST 800-53, AAMI TIR 57, UL 2900-2-1, IEC 62443.
• Strong understanding of the cybersecurity requirements of international regulations and guidance documents, including FDA Premarket Guidance for Cybersecurity of Medical Devices, MDR, IVDR, etc.
• Background in leveraging industry standard threat modeling and risk management frameworks.
• Background in penetration testing or leading pen testing engagements with third party organizations.
• Practical knowledge of Agile and agile-based methodologies
• Degree in computer science, software engineering, or cybersecurity

Optional:

• Experience advising on or writing cybersecurity SOPs for Quality Management Systems
• Experience with regulatory submission process
• Experience leading cross functional teams to incorporate cybersecurity across product engineering, Quality, Regulatory, IT, and other business functions
• Experience in working with embedded systems, cloud enabled systems, and IoT systems