Cyber Security Engineer
Location: Santa Clara, CA / Hybrid
- This position is responsible for architecting and maintaining corporate-wide information security technical solutions and operational SOPs to ensure that information assets are adequately protected and reported on.
- Responsible for performing all duties in compliance with all applicable worldwide regulatory requirements as included in the scope of the Quality Manual.
- The Cybersecurity Engineer must act and conduct company business in an honest, ethical and lawful manner, consistent with the company's Code of Conduct, other company policies and the AdvaMed Code of Conduct and/or any other applicable industry code(s) of conduct. The company does not tolerate retaliation in connection with making good faith reports of suspected violations.
- Develop, implement, and monitor enterprise information security capabilities and contribute to IT risk management program through metrics reporting and process enhancements.
- Act according to information security management framework.
- Develop, publish, maintain, and train on SOPs for technical implementation and operationalization of assets.
- Integrate Incident Response, Help Desk, and MSSP processes into solutions architectures that are implemented to automate and streamline processes.
- Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems, and services.
- Contribute to the enterprise's information security organization.
- Partner with stakeholders across the company to raise awareness of risk management concerns.
- Assist with the overall technology planning, providing current knowledge and future vision of technology and systems cyber security controls.
Specific Responsibilities and Skills:
- Troubleshoot security and network problems.
- Respond to all system and/or network security breaches.
- Ensure that the organization's data and infrastructure are protected by enabling the appropriate security controls.
- Participate in the change management process.
- Test and identify network and system vulnerabilities.
- Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
- In the event of potential non-compliance with applicable standards or regulations (e.g., FDA QSRs, ISO 13485 or ISO 14971), the employee has the authority to hold any product or Quality documentation from shipment or further processing. The employee has the responsibility and authority to report any instances to Quality and/or Regulatory and the respective management team
Knowledge, Education and Experience:
- Knowledge of common information security management frameworks, such as NIST CSF, NIST 800-53, NIST 800-171, and ISO/IEC 27001.
- Experience with securing on-prem AD, Office 365, Windows/Linux Systems, Firewalls, Azure, Web Applications, Vulnerability Management/Scanners, EDR systems, Asset Management, Patch Management, PAM, DLP, and SIEM.
- 3-5 years of relative experience.
Expertise and Attributes:
- Automation of routine tasks.
- Proficiency with information technologies in a secure network environment.
- Authentication of systems.
- System, platform, and account migrations.
- Data and cloud security.
- Azure/AWS cloud infrastructure.
- Experience in IT and cloud infrastructure.
- Current understanding of best practices regarding system security measures
- Experience in a manufacturing environment with medical device manufacturing preferred and experience with validated/compliance systems like SOX, GDPR, PHI, PII, etc.
- Proven ability to communicate the complexities of technical programs.
- Great awareness of cybersecurity trends and hacking techniques.
- Excellent written and verbal communication skills and high level of personal integrity.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Experience with contributing to contract and vendor negotiations and management including managed services.
- Knowledge and familiarity of applicable regulations/standards (e.g. ISO 13485, FDA 21 CFR 820, EU MDR 2017/745, ISO 14971) as required to perform the job function
For immediate consideration apply today!