Job ID 20000DUB
Available Openings 1
PURPOSE AND SCOPE:
The Engineer will execute the overall product security mission and work with a virtual team of Security Advisors, System Architects and Quality Leaders to drive process evolution via secure development lifecycle practices, and product evolution via product security feature roadmaps.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
- Drive cybersecurity maturity of products and R&D group practice
- Drive a role-based cybersecurity competency plan for product development stakeholders
- Deployment and enforcement of a Secure Development Lifecycle program
- Lead a Security Advisor Community focused on Secure Development Lifecycle practices within the product development lifecycle
- Monitor cybersecurity standards and regulations worldwide, influence to align with Fresenius Medical Care direction, prepare the business for compliance in adequate time and ensure documented compliance of offers
- Ensure that the products from Fresenius Medical Care meet the customer expectations and are compliant with emerging worldwide cybersecurity regulations
- Support development projects and security advisors as a point of escalation, with authority to hold product development stage gate advancement or product release if security targets are not met
- Manage vulnerabilities and incidents for released products to ensure swift resolution of issues
- Lead cybersecurity assessments of partners and technology providers
Other duties as assigned
Additional responsibilities may include focus on one or more departments or locations. See applicable addendum for department or location specific functions.
PHYSICAL DEMANDS AND WORKING CONDITIONS:
- The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Approximately 30% travel required.
Bachelor's Degree in Computer Science or related field required; Masters strongly preferred
EXPERIENCE AND REQUIRED SKILLS:
5 – 8 years' related experience in cybersecurity; or a Master's degree with 3 years' experience
CSSLP – secure lifecycle process certification
CISSP, CCSP – technical certifications a plus
IEC62443 embedded systems focused
ISO/IEC27001 lead auditor
Knowledge of dialysis a plus.
Knowledge and understating of Medical Device Regulation, Quality, and Design Controls (e.g. ISO9001, ISO 13485, ISO14971, ISO17025, UL 2900, FDA 21 CFR 820.30) a plus.
Demonstrated technical writing, communication and presentation skills.
Ability to work effectively in a team environment.
Creativity in addressing technical challenges.
Proven record to deliver results
EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity
Fresenius Medical Care North America maintains a drug-free workplace in accordance with applicable federal and state laws.
Apply on company website