Senior Cybersecurity Engineer

New Today

At Spacelabs Healthcare, we are on a mission to provide continuous innovation in healthcare technology for better clinical and economic outcomes. Our scalable solutions deliver critical patient data across local and remote systems, enable better-informed decisions, increase efficiencies, and create a safer environment for patients.
Why work at Spacelabs? Because lives depend on you!
The Spacelabs Privacy and Security Program is a shared service model with responsibility for Cybersecurity and Privacy by Design, Compliance, Security Testing and Incident Response.
As a Spacelabs Senior Cybersecurity Engineer you are responsible for cybersecurity and privacy functions for our Products. The role collaborates with Spacelabs Project Teams to ensure the product privacy and security posture. This role is a trusted collaborator of the Project Teams and work closely with Engineering and Quality/Regulatory functions. This role includes managing.
Responsibilities:
Represent the Spacelabs Cybersecurity and Privacy Team
Responsible for leading Product cross functional team members to complete all technical aspects of product cyber security tasks and initiatives; be the Product Owner for Cybersecurity
Ensure the Confidentiality, Integrity and Availability of Spacelabs Cloud Products and solutions
Lead Cybersecurity and Privacy by Design and by Default for the assigned projects
Represent cyber security with the product development teams to ensure cyber security and privacy is being designed into products
Represent cybersecurity and privacy in the Risk Assessment as a subject matter expert including:
cybersecurity threat management process
continuous technical analysis and monitoring of cyber security signals
Lead customer cybersecurity and Privacy assurance. This includes Product Security communications content such as:
Product Labeling
completion of security inquiries
complaint and vulnerability reports
provide consistent cybersecurity and privacy guidance to Spacelabs and Customer
Lead Cybersecurity and Privacy Complaint Event and Incident Invest
Requirements:
10+ years of Cybersecurity and Privacy Compliance
5-10 years of Cloud Security Experience (AWS preferred)
5 years experience leading product cyber security projects and risk management activities in medical device or healthcare domain (preferred)
Experience in cross-functional cyber security activities including Product Defense in Depth, security technology, regulatory compliance and incident response
Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications)
Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines, 95/46/ED, HIPAA, GDPR, ISO 13485, ISO 14971. ISO 27001/27017/27018, ISO 30111; AAMI TIR 57; 21CFR820, SB1386, etc.)
Experience in designing or leading software products using Secure SDLC
Thorough Understanding of securing and hardening Windows and Linux operating systems
Thorough understanding of networking and network security
Thorough understanding of Operating Systems, Operating Systems Security (e.g. hardening)
Thorough understanding of Web Server Security
Thorough understanding of Database Security
Thorough understanding of Cloud Design and Architecture
Thorough understanding of Security by Design and by Default for Cloud solutions (infrastructure, Application and Operational Security)
Thorough understanding of AWS Cloud Security Best Practices
Cyber security training and certification such as CISSP/CISM/CISA, Security +; Cloud Security Alliance, SANS Cloud Security
Bachelor's Degree plus a minimum of 15 years of related experience or Master's Degree plus a minimum of 10 years of related experience or waiver based on experience
Degree should be in a technical discipline such as Computer Science-Information Security or Cybersecurity or Software Engineering
NOTICE TO THIRD PARTY AGENCIES
OSI Systems, Inc. and its subsidiaries (collectively OSI) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.
OSI Systems, Inc. has three operating divisions: (a) Security, providing security and inspection systems, turnkey security screening solutions and related services; (b) Healthcare, providing patient monitoring, diagnostic cardiology and anesthesia systems; and (c) Optoelectronics and Manufacturing, providing specialized electronic components and electronic manufacturing services for original equipment manufacturers with applications in the defense, aerospace, medical and industrial markets, among others.

TPBN1_UKTJ
Apply
Location:
Dalkeith
Salary:
not provided
Job Type:
FullTime
Category:
IT

We found some similar jobs based on your search