Manpower San Diego · 1 day ago
Security Engineer
San Diego, CA
Full-time
Hybrid
Senior Level, Lead/Staff
$65/hr - $86/hr
8+ years expManpower San Diego is seeking a Security Engineer to join their Software Engineering (R&D) department in the Diagnostics division. The role focuses on enhancing security in medical devices and ensuring compliance with industry standards and FDA requirements throughout the product lifecycle.
Staffing & Recruiting
Responsibilities
Support the creation and maintenance of security design documentation and architecture diagrams
Collaborate with cross-functional teams (Product Engineering, DevSecOps, Regulatory, Quality) to integrate security into the product lifecycle
Define security requirements and controls based on specific use cases and threat models
Establish automated processes for vulnerability scanning and perform regular risk analyses to evaluate security threats and vulnerabilities, prioritizing uncontrolled risks with potential impacts on patient safety, leveraging CVSS as the baseline
Work with cross-functional teams to ensure that SBOMs are correct and can be used as part of our continuous vulnerability monitoring process
Work with DevSecOps and Software Engineers to review code static analysis and third-party software assessment reports
Participate in continuous improvement of our Secure by Design principles and implementation, ensuring adherence to security standards and best practices
Design architecture that prioritizes efficient, secure software updates and patch management across deployed systems
Establish incident playbooks and coordinate root cause analysis (RCA) for reported security incidents
Leveraging industry standard methodologies to apply threat modeling to our medical products (e.g., STRIDE, PASTA)
Qualification
Required
Bachelor's or Master's degree in Computer Science, Cybersecurity, or related engineering equivalent
Minimum of 8 - 12 years of professional experience in product security/cybersecurity engineering
Strong interpersonal skills, with the ability to communicate cybersecurity concepts to a variety of audiences
Skilled in working within cross-functional groups
Skilled in performing Risk Assessment and Management plan
Skilled in writing design documentation and standard operating procedures
Experienced in Windows OS and LINUX, including implementing system hardening, is required
Experienced in networking devices (e.g., switches, routers, firewalls) and protocols (e.g., TCP/IP)
Expertise with security frameworks and testing tools, and how to incorporate the results of those into cybersecurity requirements for the Product Development team
Proficiency in scripting and simple test automation (e.g., PowerShell, Python)
Participate in continuous improvement of our Secure by Design principles and implementation, ensuring adherence to security standards and best practices
Design architecture that prioritizes efficient, secure software updates and patch management across deployed systems
Establish incident playbooks and coordinate root cause analysis (RCA) for reported security incidents
Leveraging industry standard methodologies to apply threat modeling to our medical products (e.g., STRIDE, PASTA)
Preferred
Collaborate with Program Management and Regulatory teams to provide security input for audits and FDA submissions
Thorough familiarity with FDA and other regulatory body Cybersecurity Guidelines and cybersecurity standards such as NIST, AAMI, CSLI, UL, BSI, HIPAA, GDPR, State and Federal security standards, and ACTS for premarket and post-market activities
Assist in translating cybersecurity requirements into product requirements for new and existing product designs, as well as assisting with the definition of verifications for traceability
Assist with efforts to establish penetration testing suites for continuous testing and monitoring of our product solution
Company
Manpower San Diego
Actively involved in public policy, workplace issues, and economic development.
1001-5000 employees
Funding
Current Stage
Late StageCompany data provided by crunchbase