Senior Product Security Engineer

Hologic
128300 - 200600 EUR / Year
  • Construction
  • FullTime
  • Applications have closed

Requirements


Must have:

  • I hold a Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related engineering field.
  • I possess 8 to 12 years of professional experience in product security or cybersecurity engineering.
  • I have demonstrated my knowledge in Cybersecurity through certifications, such as CISSP or CompTIA Security.
  • I possess strong interpersonal skills that enable me to explain cybersecurity concepts to diverse audiences effectively.
  • I am skilled in collaborating within cross-functional teams and am adept at performing Risk Assessment and Management plans.
  • I have experience in authoring design documentation and standard operating procedures.
  • I have worked in an FDA-regulated environment and am thoroughly familiar with FDA cybersecurity guidelines and standards, including NIST, AAMI, CSLI, UL, BSI, HIPAA, GDPR, State and Federal security standards, and ACTS for premarket and post-market activities.
  • I possess strong verbal and written communication abilities, and I am familiar with Windows OS and cloud-based solutions.
  • I have expertise with security frameworks and testing tools, as well as proficiency in scripting and basic test automation, such as PowerShell or Python.

Responsibilities:


  • In my role as a Lead Product Security Engineer and Subject Matter Expert for the Cytology R&D team, I serve as the primary cybersecurity representative, ensuring our products comply with industry standards and FDA requirements throughout their lifecycle.
  • I maintain a proactive stance on industry security threats and assess risks to our products while managing these concerns according to established quality procedures.
  • I contribute to the ongoing enhancement of our Secure by Design policies and ensure adherence to security standards and best practices.
  • I create and maintain security design documentation and architecture diagrams and collaborate with cross-functional teams (including Product Engineering, DevSecOps, Regulatory, and Quality) to integrate security throughout the product lifecycle.
  • I define security requirements and controls based on specific use cases and threat models, conducting regular risk analyses to identify security threats and vulnerabilities.
  • I perform Security Risk Management activities to mitigate identified vulnerabilities and security design issues and establish automated processes for vulnerability scanning and remediation.
  • I educate development and leadership teams on securing products and their operating environments and collaborate with Program Management and Regulatory teams to supply security input for audits and FDA submissions.
  • I assist in translating cybersecurity requirements into product requirements for new and existing designs and work with teams to ensure the accuracy of SBOMs as part of our continuous vulnerability monitoring process.
  • I contribute to the development of penetration testing suites for ongoing testing and monitoring and design architectures that optimize secure software updates and patch management.
  • I establish incident playbooks and coordinate root cause analysis for reported security incidents, while reviewing code static analysis and third-party software assessment reports alongside the DevSecOps and Software Engineers.

Company:


  • I am excited about the potential to make a significant impact by enabling healthier lives every day through my work at Hologic. I appreciate that this opportunity allows me to not only showcase my skills but also achieve measurable success and experience immense satisfaction in my efforts. This hybrid position is based out of either Marlborough, MA or San Diego, CA, and is part of a broader Diagnostics team that collaborates to create a cohesive cybersecurity strategy.
  • The annual base salary range for this position is between $128,300 and $200,600 and is eligible for bonuses. Compensation packages will depend on various factors such as relevant experience, skill set, knowledge, geographic location, education, business needs, and market demand.
  • We aim to make Hologic a place where top talent can thrive. I appreciate that we provide comprehensive training upon joining, along with opportunities for ongoing development and training throughout one’s career. If I possess the right skills and experience, I am encouraged to apply today! Hologic, Inc. proudly supports inclusivity as an Equal Opportunity Employer, welcoming individuals with disabilities and veterans.