Product Security Engineer

Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living.

We're on the lookout for hard-working individual who is ready to make an impact in medical equipment industry. If you're eager to be part of a dynamic environment that fosters growth and collaboration, look no further. Explore our latest job opening for Product Security Engineer role and embark on a journey where your talents are valued and your potential is limitless. In collaboration with Global IT, R&D and Compliance Teams with the ultimate goal of ensuring Smith + Nephew products and their data is secure and resilient to cybersecurity threats. We encourage you to apply for this exciting opportunity. Let's craft the future together!

What will you be doing?

• Your will contribute, Technical Cybersecurity Architecture and Engineering Services.
• Define and ensure implementation of cybersecurity requirements and controls in support of multiple Smith + Nephew technologies, capital devices, digital accessories, connected infrastructures and software applications.
• Product Security Testing and Assessment - Be responsible for the execution and integration of cybersecurity testing, assessment activities throughout the development lifecycle - which includes but is not limited to Static Application Security Testing, Dynamic App. Security Testing, and Software Composition Analysis.
• Vulnerability response support - Provide technical expertise in evaluating and assessing potential vulnerabilities, support vulnerability response efforts, and efficiently communicate risks and mitigation strategies to the business.
• Secure-Software Development Life Cycle - Help develop and mature Global Product Security Strategy and (S-SDLC) to ensure robust cyber security controls are present and effective in our products from product conceptualization through commercial launch and ultimately product/product family decommissioning.
• Threat model - Provide technical leadership and proficiency in crafting comprehensive threat models using industry-standard methods in close collaboration with the product teams and the product security engineers.

What will you need to be successful?

• Education: Bachelor's or equivalent experience or Master’s degree in Computer Science or Information Technology.
• Licenses/Certifications: Current CISM, CISSP, CRISC, or similar certification preferred.
• Experience: Minimum 3+ years of experience in hands-on cybersecurity experience.
• Good understanding of mitigating security controls. Vulnerability Management, Penetration Testing, Code Security.
• Good to have - FDA and other medical device regulators experience. Knowledge of cyber security standard frameworks such as HIPAA, FDA, ISO 27001/2, NIST CSF, and OWASP.
• Understanding of network infrastructure, including firewalls, web proxy and/or email architecture- particularly as they apply in a mitigating control functionality.
• Experience with different cloud computing platforms and the cloud security framework. Ability to craft, recommend, plan, guide, and support implementation of innovative security solutions.
• Understand the current Medical Device market, including what customers want to see with regards to product security
• Understanding of back-channels typically used by threat actors for malicious activity.
• Understanding of different connectivity protocols and any risks involved with them.
• Superb communication, collaboration, and relationship building and collaborator engagement skills.

You Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion, Diversity and Equity- Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about Employee Inclusion Groups on our website (https://www.smith-nephew.com/).

Other reasons why you will love it here!

• Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents / Parents in Law’s Insurance (Employee Contribution of 8,000/- annually), Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.

Stay connected and receive alerts for jobs like this by joining our talent community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.

Check our Glassdoor page for a glimpse behind the scenes and a sneak peek into You Unlimited, life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer.

Stay connected and receive alerts for jobs like this by joining ourtalent community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day. 

Check ourGlassdoor page for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our new website and learn more about our mission, our team, and the opportunities we offer.