Product Security Engineer

Job Description Job Description Our client's DevSecOps Engineering Center of Excellence (R&D) department is looking for a Security Engineer experienced in medical device or instrumentation security and systems to join our team, pivotal in building and enhancing security in their products and services! As a Product Security Engineer 3, you will be involved in our client's diagnostics products. RESPONSIBILITIES Monitoring the industry for newly identified threats to cybersecurity and assessing the risk to Hologic products.

Performing and documenting vulnerability assessments to malicious attacks on products and provide support to product teams. Assisting with product development efforts dealing with security and network vulnerability issues. Developing and executing thorough test procedures to qualify OS patches and anti-virus software; creating and automating test procedures based on lab environment accordingly.

Educating sales and service force on topics and issues related to network security and virus protection. Working with software engineers to develop and implement security requirements. Interacting directly and periodically with Engineering and Field Service resources to successfully qualify Hologic networked products to meet customer expectations for equipment performance.

The right candidate for us will: Possess the discipline required to continually monitor industry security threats, assess risk to Hologic products, and disposition the risk according to established quality procedures. Effectively troubleshoot and diagnose issues associated with networked, computer-based products. Be available for travel to clients offices, training, and customer sites.

Work with some supervision but in alignment with strategic intentions and corporate priorities. Have good understanding of network design concepts and working knowledge of security analysis and protection tools. QUALIFICATIONS Master's or Bachelor's degree in Computer Science, Management Information Science, Engineering, or a related technical field with at least 4 – 8 years of relevant experience in the following areas: Computer and network security; Computer networking administration; Microsoft Windows and Linux operating systems; Software application test and maintenance; Cybersecurity Risk Assessment.

Experienced in enterprise computer network infrastructure. Desirable but not essential: Medical information system administration. Software verification in a regulated industry.

PACS, DICOM, ASTM, HL7, EMR, EHR, medical informatics. Technical Support to Field Service and/or end-users. Certifications in security-related studies are strongly preferred (e.g., CISSP).

OS (i.e., Windows, Linux) and networking (i.e., Cisco) certifications are preferred. Experience in the healthcare industry (provider or medical equipment vendor) is preferred.