Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Cyber Security Device Engineer

Q

Queen Consulting Group, Inc.

Cyber Security Device Engineer

Boston, MA
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    POSITION: Cyber Security Device Engineer (3 positions) LOCATION: Greater Boston area JOB TYPE: Contract DURATION: 12-18 mo

      Job Description: As an active member of product development cross functional teams, has responsibility for all program cybersecurity deliverables per process. Participates in architecture/design reviews and threat modeling activities, helping to identify risks in new and existing products/systems. Works with engineering teams on how to best address individual cybersecurity vulnerabilities identi? ed during threat modeling and other review activities. Complies with all internal and external processes.   1.            Conduct monthly Nessus scans and report out results to maintain our DoD RMF certi? cation. Perform both pre and post release threat and vulnerability testing (pen testing, fuzz testing, etc.) looking for unmitigated cybersecurity threats/vulnerabilities in our products. 2.            Create and release all process required program cybersecurity documents, and draft Manufacturer Disclosure Statements for Medical Device Security (MDS2) documents.  Draft responses to customer requested cybersecurity documents/inquiries. 3.            Perform all work in compliance with all internal and external cybersecurity processes and regulations. 4.            Participate in threat modeling activities and architectural/design reviews to help identify possible cybersecurity vulnerabilities. Provide design guidance and potential mitigation solutions on identi? ed vulnerabilities. 5.            Review Software Bill of Materials (SBOM) looking for newer versions of listed software items. For new versions, review and evaluate updates to identify any items that were released that address security vulnerabilities, scoring and documenting the results. 6.            Draft customer facing cybersecurity advisories when new cybersecurity vulnerabilities are discovered in released products where Draeger is required to notify publicly of such vulnerability. 7.            Participate in post market release team reviews of cybersecurity? eld complaints, providing input on severity and probability scoring for each identi? ed vulnerability.   Quali? cations Education: BS Cybersecurity, Computer Science or other technically related? eld.   Related Experience:   *             3-5 years of practical application security work experience, including some or all of the following: source code auditing, penetration testing, product assessments, vulnerability research, and reverse engineering. * 2-3 years of practical software development experience. Familiarity with the C/C++/Python/JavaScript * Understanding of scanning tools - Nessus * Prototyping ability – the skill to demonstrate feasibility with short notice * Experience using the Microsoft Threat Modeling tool * Excellent attention to detail, quality, and customer satisfaction. * Strong analytical, organizational, and technical writing skills. * Windows and Linux operating systems knowledge   Special Competencies or Certi? cations:   •             CompTIA Security+ •             CISSP: Certi? ed Information Systems Security Professional •             CEH: Certi? ed Ethical Hacker •             Working knowledge of ISO 14971 •             Knowledge of IT strategy, and enterprise/security architecture •             Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies •             Firewall and intrusion detection/prevention protocols •             Secure coding practices, ethical hacking and threat modeling •             TCP/IP, computer networking, routing and switching •             Understanding of Network security architecture