Job ID R-373614 Date posted 18/09/2020 BACK TO SEARCH RESULTS Apply

Product Security Lead

Job Description Summary

Job Description

The Becton Dickinson Interventional (BDI) division is seeking a Software Engineer to lead a team responsible for implementing a product security framework supporting existing and future medical instrumentation and software. The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems.

The candidate will need to possess software development skills specifically related to implementation of security requirements and secure coding standards, e.g., NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT, and MS Secure Coding Standards.  The candidate shall be able to evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static code analysis.  In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk.

The Product Security Software Engineer will participate in a full medical software development life cycle and adhere to a quality management system.

Responsibilities:

  • Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers both on and off-site.

  • Implement software security solutions and architect/design products in accordance with industry accepted standards for medical device security including: encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.

  • Develop and administer software engineering procedures and training for vulnerability scans and static code analysis

  • Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers

  • Participate on product security incident response teams.

  • Interface with other technical departments such as Penetration Testing Team, Systems, Hardware Engineering, Quality, and technical services

  • Demonstrate proper secure coding practices driving standards within the software engineering organization

  • Collaborate with other BD resources to ensure effective design and implementation goals.

  • Lead technical design reviews and code inspections. Provide clear, actionable feedback for project team members

  • Assure adherence to BDDS development policies and software quality procedures

Qualifications:

  • BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field is required

  • Minimum of 5 years of experience in software development, systems & architecture concepts and designs

  • Minimum of 5 years work experience in product development

  • Minimum of 5 years work experience with C#/.NET development

  • Minimum of 3 years work experience using secure coding practices

Required Knowledge, Skills and Attributes:

  • Experience with TCP/IP, encryption, and socket development

  • Knowledge of Windows networking fundamentals (IP protocol, switches, routers)

  • Demonstrated understanding of developing in a regulated environment and adhering to a quality management system

  • Excellent written and verbal communication and interpersonal skills are essential

  • Demonstrated positive work ethic with a strong commitment to achieving project goals

Nice-to-Haves:

  • Experience working in a regulated (FDA) environment with medical instrumentation is a plus

  • Candidate for or certification in InfoSec Security are a plus, e.g., CISSP, CSSLP

  • Experience with static code analysis tools

  • Work experience in network security strongly desired

If you’re a team player who is passionate about Engineering and ‘advancing the world of health’ and we’ve just described your career aspirations, then please click on the APPLY button where you will be directed to our website to apply directly.

Interested in a career with BD, but this position doesn’t fit your skills and experience? Join our external EMEA Talent Community here: http://bd.tal3nt.community/

Primary Work Location

IRL Limerick - Castletroy

Additional Locations

Work Shift

Apply

Working in

Limerick

Take a look at the map to see what's nearby.

Working in

Limerick

Take a look at the map to see what's nearby.

Recommend
to a friend

Approve
of CEO

"I like being able to make a difference. Working at BD is an opportunity where the products save lives every day."
Current Employee - Anonymous, Limerick

Don’t miss out

Make sure you see the best job for you when it becomes available. Sign up for job alerts today.

Interested inSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

Join our talent pool

Upload your CV to help our recruiters match you to the right job. They’ll be in touch if they find a good fit.