Full-Time Embedded Product Security Engineer

Essential Duties and Responsibilities:

* Designs security architecture of components or functional systems and modifies existing designs to develop or improve products.
* Recommends alterations to development and design to improve the security of products and/or procedures.
* Contributes to a broader design perspective and considers how an application interacts with the underlying infrastructure or external resources.
* Develops threat scenarios and designs responses for associated vulnerabilities to mitigate risk.
* Maintains design history file for assigned projects, adhering to Arthrex design control procedures.
* Determines the necessity of security testing and initiates testing of assigned products.
* Provides Regulatory department technical support for assigned projects as needed.
* Supports Marketing and Product Management with technical information to be used for training and marketing of assigned products.
* Supports Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
* Supports surgeon and distributor customers in the sales process by educating and demonstrating security-focused aspects of assigned products as needed.
* Partner with Legal, Compliance, Privacy, and Information Security departments to ensure products and staff comply with required laws, regulations, and policies.
* Reports progress and status of assigned projects on a timely basis.
* May be required to travel; International travel may be required.


Knowledge:

* Frequent use and general knowledge of industry practices, techniques, and standards. General application of concepts and principles.


Reasoning Ability:

* Develops solutions to a variety of problems of moderate scope and complexity. Refers to policies and practices for guidance.


Skills:

* Working knowledge of custom Linux distributions would be a plus.
* Knowledgeable of System and Software Development Processes and Lifecycles required.
* Knowledgeable of application security best practices required.
* Experience securing operating systems with industry best practices
* Develops solutions to a variety of problems of moderate scope and complexity. Refers to policies and practices for guidance.
* Knowledgeable of FDA and ISO guidelines for the development of medical devices preferred.
* Project management and communication skills training preferred.
* Experience in web application security and controls concepts preferred.
* Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred

Education/ Experience:

* 2 years of related experience required.
Bachelor s degree required. Preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity.