Stryker · 1 week ago
Senior Staff Product Security Engineer
Wonder how qualified you are to the job?
BiotechnologyHealth Care
H1B SponsorshipActively HiringGrowth Opportunities
Insider Connection @Stryker
Responsibilities
Apply common risk assessment frameworks (e.g., NIST 800-53, ISO 27001) to assess security risks in relation to business objectives and risk tolerance.
Operate third party compliance programs (e.g., SOC2, HITRUST) through audits, gap assessments, and continuous monitoring.
Guide product teams in interpreting and mapping security requirements to control implementation.
Develop, update, and manage product security policies, procedures, and trainings based on industry security standards.
Identify security policy compliance issues and coordinate remediation with leadership and cross-functional stakeholders.
Monitor, analyze, and report product security metrics to provide visibility and accountability for the effectiveness of security tools and processes.
Assist sales teams in responding to customer queries about product security and organizational controls.
Maintain and operate vulnerability scanning and security monitoring solutions.
Investigate and coordinate response to security incidents and vulnerability reports including analysis of exploitability, remediation planning, and disclosure strategy.
Maintain vendor relationships for third-party security tools and services.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related discipline
Minimum 6 years of related experience
Demonstrated competence with compliance, security, and privacy standards and frameworks (e.g., NIST 800-53, HIPAA, HITECH, GDPR, EU MDCG, SOC2, HITRUST)
Experience leading product security projects
Solid understanding of security for SaaS applications and cloud-based services (e.g., AWS)
Strong ability to communicate cybersecurity information to engineering, sales, customers, and other non-subject matter experts
Preferred
Experience conducting HIPAA security assessments
Experience working in medical device, health care, or other regulated industry
Professional cybersecurity certifications such as CISSP, CSSLP, CCSP, Security+, HCISSP, CISA, SSCP, and GSEC
Familiarity with VA or DHA risk management processes (FedRAMP, RMF, ATO)
Understanding of encryption, authentication, authorization, and identity management technologies (e.g., LDAP, OAuth, PKI, FIPS 140-2)
Proficiency with available cybersecurity tools and their usage (e.g., Orca, Tenable, Qualys, CrowdStrike, Veracode, JamF, Okta etc.)
Familiarity with additional secure product lifecycle frameworks such as IEC 81001 5-1, IEC 62443 4-1
Benefits
Medical and prescription drug insurance
Dental insurance
Vision insurance
Critical illness insurance
Accident insurance
Hospital indemnity insurance
Personalized healthcare support
Wellbeing program
Tobacco cessation program
Health Savings Account (HSA)
Flexible Spending Accounts (FSAs)
401(k) plan
Employee Stock Purchase Plan (ESPP)
Basic life and AD&D insurance
Short-term disability insurance
Company
Stryker
Stryker is a medical technology company that offers products and services in orthopaedics.
H1B Sponsorship
Stryker has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2023 (36)
2022 (76)
2021 (73)
2020 (69)
Funding
Current Stage
Public CompanyTotal Funding
unknown1990-01-02IPO· nyse:SYK
Leadership Team
Recent News
2024-06-05
2024-06-04
2024-06-04
Company data provided by crunchbase