Sr. Application Security Engineer

Glaukos CorporationBurlington, MA
118d
Match Resume

About The Position

As an Application Security Engineer, you will play a critical role in securing the software that powers our medical devices and offer your expertise as we develop other applications such as mobile and web apps. You will work closely with software developers, Quality engineers, and product teams to integrate security best practices throughout the software development lifecycle (SDLC), ensuring compliance with regulatory standards from the FDA, HIPAA, NIST CSF, etc. Conduct threat modeling, secure code reviews, and vulnerability assessments of mobile and embedded applications. Collaborate with development teams to integrate security into CI/CD pipelines and DevSecOps practices. Develop and maintain secure coding guidelines and training programs for engineering teams. Evaluate and implement application security tools (SAST, DAST, SCA, etc.). Monitor and respond to application security incidents, identify application security concerns in product complaints, and coordinate remediation efforts. Ensure compliance with relevant medical device cybersecurity regulations and standards (e.g., FDA pre- and post-market guidance, NIST 800-53, ISO 27001, etc.). Participate in security architecture reviews and risk assessments for new and existing products. Stay current with emerging threats, vulnerabilities, and security technologies.

Requirements

  • 5+ years of experience in application security or software security engineering.
  • Strong understanding of secure coding practices in languages such as C, C#, C++, or Python.
  • Experience with security testing tools (e.g., Mend, Perforce, Lattix, etc.).
  • Familiarity with regulatory and compliance frameworks relevant to medical devices.
  • Experience in the medical device or healthcare industry.
  • Knowledge of embedded systems and firmware security.
  • Broad expertise in other security domains such as network security, endpoint security, etc.
  • Certifications such as OSCP, CSSLP, CASE, CEH, CISSP.
  • Bachelor’s degree in Computer Science, Cybersecurity, or related field.

Responsibilities

  • Conduct threat modeling, secure code reviews, and vulnerability assessments of mobile and embedded applications.
  • Collaborate with development teams to integrate security into CI/CD pipelines and DevSecOps practices.
  • Develop and maintain secure coding guidelines and training programs for engineering teams.
  • Evaluate and implement application security tools (SAST, DAST, SCA, etc.).
  • Monitor and respond to application security incidents, identify application security concerns in product complaints, and coordinate remediation efforts.
  • Ensure compliance with relevant medical device cybersecurity regulations and standards (e.g., FDA pre- and post-market guidance, NIST 800-53, ISO 27001, etc.).
  • Participate in security architecture reviews and risk assessments for new and existing products.
  • Stay current with emerging threats, vulnerabilities, and security technologies.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Education Level

Bachelor's degree

Number of Employees

501-1,000 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service