descripción del trabajo

Principal Security Architect (remote) page is loaded Principal Security Architect (remote) Apply locations USA MA - Andover time type Full time posted on Posted 7 Days Ago job requisition id R-457466 embecta, formerly part of BD, is one of the largest pure-play diabetes care companies in the world, leveraging its nearly 100-year legacy in insulin delivery to empower people with diabetes to live their best life through innovative solutions, partnerships and the passion of more than 2,000 employees around the globe. For more information, visit embecta.com. As the Principal Security Architect you will partner with our product development and engineering organizations to enable them to build and enhance security in the Diabetes care and Digital Health products and services. The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems. You will evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static code analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk. The Security Architect will participate in a full medical software development life cycle and adhere to a quality management system. Responsibilities: Design and Implement software security solutions in accordance with industry accepted standards for encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware. Develop and administer software engineering procedures and training for vulnerability scans and static code analysis Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers. Keep abreast of advances in secure system design and development practices, threats and threat actors, and new attack techniques or areas of security research, and provide guidance to the product organizations to help them avoid or mitigate future security concerns. Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers Participate on product security incident response teams. Interface with other technical departments such as Penetration Testing Team, Systems and Hardware Engineering Collaborate with Quality and Technical Service Demonstrate proper secure coding practices driving standards within the software engineering organization Lead technical design reviews and code inspections. Provide clear, actionable feedback for project team members Lead documentation delivery and feedback provided to regulatory agencies on product submissions related to security Knowledge and Skills: Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards Knowledge of delivering secure products consisting of IoT embedded, Mobile Phone, and Cloud components Demonstrated understanding of developing in a regulated environment and adhering to a quality management system Excellent written and verbal communication and interpersonal skills are essential Demonstrated positive work ethic with a strong commitment to achieving project goals Basic Requirement: BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field is required 7+ years of experience in software development, systems & architecture concepts and designs 7+ years work experience implementing security controls in software 5+ years work experience with C#/.NET development 5+ years work experience using secure coding practices 5+ years in a security-focused role familiar with post-market security monitoring, threat response, and ongoing security sustaining practices About Us embecta, formerly part of BD, is one of the largest pure-play diabetes care companies in the world, leveraging its nearly 100-year legacy in insulin delivery to empower people with diabetes to live their best life through innovative solutions, partnerships and the passion of more than 2,000 employees around the globe. For more information, visit embecta.com. Introduce Yourself Not finding the right fit? Let us know you're interested in a future opportunity by clicking  Get Started below or create an account by clicking 'Sign In' at the top of the page to set up email alerts as new job postings become available that meet your interest!