Healthcare Cybersecurity Architect IRC249300

You will join a fast-growing business vertical and play a key role in developing a series of innovative solutions within the MedTech, HealthTech, and Pharma domains. This is an exciting opportunity to work on cutting-edge projects that aim to improve healthcare outcomes and transform the way medical technologies are delivered.

As part of the GlobalLogic team, you will grow, be challenged, and expand your skill set working alongside highly experienced and talented people.

If this sounds like an exciting opportunity for you, send over your CV!

Requirements

• Minimum of 5 years of product security experience in the medical device industry either directly for a medical device manufacturer or for a product security services organization providing consultative services to the manufacturer.
• Strong experience working with standards such as ISO 13485, ISO 14971, IEC 62304, NIST 800-30, NIST 800-53, AAMI TIR 57, UL 2900-2-1, IEC 62443.
• Strong understanding of the cybersecurity requirements of international regulations and guidance documents, including FDA Premarket Guidance for Cybersecurity of Medical Devices, MDR, IVDR, etc.
• Background in leveraging industry standard threat modeling and risk management frameworks.
• Background in penetration testing or leading pen testing engagements with third party organizations.
• Practical knowledge of Agile and agile-based methodologies
• Degree in computer science, software engineering, or cybersecurity

Optional:

• Experience advising on or writing cybersecurity SOPs for Quality Management Systems
• Experience with regulatory submission process
• Experience leading cross functional teams to incorporate cybersecurity across product engineering, Quality, Regulatory, IT, and other business functions
• Experience in working with embedded systems, cloud enabled systems, and IoT systems

Job responsibilities

 – Participate in business development and pre-sales activities within Healthcare Life Sciences vertical, such as creation of industry offerings, preparation of technical proposals, participation in industry conferences.

 – Collaborate with delivery and other functions within GlobalLogic for identifying demands, skills/training gaps, opportunities for innovation, and productization of cybersecurity offerings.
 – Participate in starting new Client engagements, facilitate project initiation and execution activities as SME:

• Design, implement and govern security solutions architectures for robust healthcare software solutions: cloud platforms, user applications, medical devices and IoMT solutions.
• Support and coordinate security assessments, risk analysis, and threat modeling to identify vulnerabilities and develop proactive mitigation strategies.
• Collaborate with engineering and development teams to integrate security into system designs, software development, and cloud infrastructure by following security-by-design best practices.
• Train delivery staff on risk assessment, threat modeling, security best practices (pre & post market requirements), testing requirements, security monitoring. regulatory requirements, etc.
• Support the definition and enforcement of security policies, standards, best practices and cyber security architecture frameworks across the organization.
• Participate in industry working groups, technical advisory groups in order to monitor the evolving threat landscape, trend development & promote GL Thought Leadership.
• Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, HIPAA, ISO 27001, NIST, IEC 62443, UL 2900-2-1).