Software Engineer III (Cybersecurity Test Engineering, Post-Market Security)

About The Position

Requirements

• Associates Degree plus typically 4 to 10 years of related experience or Bachelor’s Degree plus typically 4 to 8 years of related experience or Master’s Degree plus typically 2 to 6 years of related experience or waiver based on experience. Degree should be in a technical discipline such as Chemistry, Math, Physics, Engineering, or Computer Science.
• Programming expertise in Python, Bash, C, or C++.
• Hands-on expertise in offensive and defensive security and penetration testing methodologies.
• Proficiency with a personal computer and software packages
• Ability to use software engineering tools: configuration, requirements, and defect management
• Ability to handle many software components
• Language: English
• Expertise in penetration testing tools (e.g., Nessus, Metasploit, Burp Suite) and fuzzing tools (e.g., Peach, AFL).
• Familiarity with secure software development lifecycles (SDLC).
• Familiarity with standards such as FDA, HIPAA, and ISO 13485.
• Strong technical writing skills for compliance, reporting, and regulatory submissions.
• Advanced knowledge in exploit chaining and vulnerability analysis.
• Strong written and oral communications skills
• Ability to use software engineering tools: configuration, requirements, and defect management
• Ability to operate instrumentation

Nice To Haves

• Industry-recognized certifications such as OSCP, CEH, GPEN, or equivalent.
• Experience with VMware ESXi and virtualized environments desirable.
• Strong knowledge of Linux systems.
• Experience in cybersecurity for medical devices or other highly regulated industries.

Responsibilities

• Participates as active member of the project team focusing on analyzing penetration test results, assessing attack patterns and severity, and collaborating with Red or developers
• Provide actionable remediation guidance to mitigate identified cybersecurity defects and risks.
• Manage and maintain vulnerability scanning tools, and secure test environments.
• Conduct fuzz testing to uncover unknown vulnerabilities and escalate critical findings.
• Reproduce and validate cybersecurity defects in controlled environments.
• Evaluate, Investigate and resolve cybersecurity issues/ fixes reported by customers, ensuring effective and timely solutions.
• Produce high-quality technical documentation to support compliance with regulatory standards such as FDA, HIPAA, and ISO 13485.
• Collaborate with development, IT, and product teams to ensure secure design and implementation of systems and products.
• Creates/Maintains software requirement/functional specifications
• Identifies interfaces between software components and/or hardware
• Creates/Maintains software (component) design documentation
• Creates/Maintains software source code that adheres to design documentation
• Performs unit testing and/or code reviews as per project policy
• Performs integration testing to ensure software functions within application and with devices
• Evaluates, investigates, and implements fixes to assigned software defects
• Evaluates, investigates, and implements assigned software change proposals