Work Flexibility: Hybrid
Product Security Engineer works with Product Security team members and product development teams to support specific security applications and processes that enable product teams to develop secure medical device products and associated systems and technologies.
Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices, Web and Mobile based Applications.
Perform attacks and identify vulnerabilities on interfaces like USB, WiFi. Ethernet etc.
Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws.
Leverage DevSecOps to embed security testing into all phases of SDLC.
Provide support/inputs in issue remediation.
Prepare Test Plans and Test Reports to support test activities.
Required Qualifications:
Bachelor’s in Software/Electronics Engineering or equivalent degree.
3-7 years of hands-on experience in Vulernability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc.
Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python.
Understanding of Cloud based environments like Azure and AWS.
Preferred Qualifications:
At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams.
Excellent communication and interpersonal skills.