Job Specifications
*Work Schedule: Hybrid schedule, Monday through Thursday. Required in-office days: Tuesday and Wednesday. Remote flexibility on Monday and Thursday (based on business needs), Fridays off.
We're seeking a talented Software Cybersecurity Engineer IV to lead the design, development, and implementation of cutting-edge cybersecurity controls for Embedded medical devices. We're looking for a seasoned expert with a deep understanding of the software lifecycle process and experience guiding software engineers in breaking down requirements into product features and architecture.
As a key collaborator between product security and software engineering teams, you'll ensure compliance with regulatory requirements, industry standards, and our company's strict cybersecurity guidelines. You'll leverage your expertise in programming languages like C, C+, Python, and use Linux to create secure systems, and your knowledge of networking and Embedded systems will be invaluable.
Key Responsibilities:
Lead cybersecurity control design, development, and implementation for medical devices
Deep understanding of Software Lifecycle processes from initial conception to maintenance. Being able to design and create protypes.
Strong experience with writing code, production code and rolling it out to the customer - being hands on throughout the coding process
Object-oriented programming, cloud solutions, and related cybersecurity concerns
Conduct threat modeling, risk assessments, and vulnerability analyses
Collaborate with cross-functional teams to integrate security measures into the product development lifecycle
Define and implement cybersecurity testing plans, including penetration testing and design reviews
Stay up-to-date with the latest cybersecurity trends, threats, and technologies
Requirements:
8+ years of relevant work experience in cybersecurity and software lifecycle
Bachelor's or Master's degree in Computer Science, Software Engineering, or a related field
Cybersecurity certifications (CISSP, HCISSP, CEH, CISM, CIMP, etc.)
Expert understanding of computer networks, Embedded systems, and cybersecurity principles
Strong knowledge of C/C+, Linux, and Real-Time Operating Systems
Excellent written and verbal communication skills
Preferred Qualifications:
10+ years of relevant work experience
Knowledge of medical device quality systems regulations and standards (eg, US FDA Quality Systems Regulations 21CFR Part 820, ISO 13485)
Experience with object-oriented programming, cloud solutions, and related cybersecurity concerns
Ability to lead agile teams and mentor developers and peers on cybersecurity practices
What We Offer:
A dynamic and collaborative work environment
Opportunities for professional growth and development
A chance to make a meaningful impact in the medical device industry
Who We Are:
KARL STORZ is an independent, family-owned company headquartered in Germany's renowned MedTech manufacturing region. For 80 years, we've pioneered the most groundbreaking innovations in endoscopic surgery, video imaging, and OR integration to benefit patients and healthcare providers alike.
With more than 9,000 associates worldwide and 2,600 in the US, we pride ourselves on harnessing cutting-edge technology, precise workmanship, and unrivaled customer support to help healthcare facilities succeed. With onsite locations and field opportunities across the country, we attract a diverse and talented staff. It's not just about the tools we create-it's about the lives we change, together.
About the Company
KARL STORZ North America is a leader in endoscopic technology and imaging solutions across virtually all surgical specialties. It is a subsidiary of KARL STORZ SE & Co. KG, an international medical technology company that is family-owned and based in Tuttlingen, Germany. KARL STORZ stands for visionary design, precision craftsmanship, and clinical effectiveness and has a portfolio that includes more than 15,000 products for human and veterinary medicine.
Know more