Senior Software Engineer, Cybersecurity

About The Position

Requirements

• BS degree and least 8 years of related experience or equivalent in a directly related discipline or equivalent combination of education and experience.
• MS degree in directly related discipline + 4 years of related experience required; OR, PhD degree in a directly related discipline + 2 years of related experience required.
• Prior experience in secure software development.
• Cybersecurity certification(s) desired, but not required (e.g. CISA, CISM, CISSP).
• Experience in Cloud security concepts and with medical devices, especially IVD systems, desired.
• Knowledge about Windows and .Net technology stack (Java and Linux are a plus).
• Knowledge of cybersecurity regulations, laws and standards for the medical device industry.
• Driven, self-starter with good planning and organizational skills and a strong attention to detail.

Responsibilities

• Contribute as a Subject Matter Expert to cybersecurity risk assessments for the RTD product portfolio, including risk identification, risk analysis and verification of risk mitigations.
• Consult development teams in analyzing potential impacts and exposure of vulnerabilities.
• Contribute technical knowledge to development teams about secure design patterns and the right use of security technologies.
• Create and review documentation of security concepts, secure designs and plans to maintain the secure state of the product portfolio throughout its lifecycle.
• Manage and oversee penetration tests with internal product teams and external service providers. Assess and track mitigation strategies.
• Collaborate with Roche's Product Security and Privacy Operations group to disseminate process updates and state of the art best practices to product development teams.
• Prepare and deliver presentations of product security posture results to large and diverse internal audiences.

Benefits

• Discretionary annual bonus may be available based on individual and Company performance.