Previous Job
Previous
Staff Engineer
Ref No.: 17-06595
Location: San Jose, California
Position Type:Contract
Start Date / End Date: 11/13/2017 to 11/13/2018
Client Biosciences is currently seeking a Staff Engineer to supplement our growing product security team. At Client Biosciences, you will have the opportunity to make key contributions to the security of medical devices and systems that are used to help all people live healthy lives. As a member of the product security team, the Staff Engineer – Product Security will be responsible for working with software development teams to assess potential security vulnerabilities using recognized security standards and provide recommendations on resolving them. They must also have knowledge of operating systems as well as techniques and standards for security hardening (NIST SP 800-53, ISO/IEC 27001, OWASP, etc.). Potential candidates must be able to apply technical expertise and diagnostic skill to the evaluation of security vulnerabilities in combination with experience in security risk management to develop maintainable technical solutions. A successful candidate will thrive on working with other software engineers in a dynamic and collaborative development environment where meeting project goals and delivering quality is key. Responsibilities: • Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance to product development software engineers. • Implement software and OS security solutions in accordance with industry accepted standards for medical devices including: encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware. • Develop and administer software engineering procedures and training for vulnerability scanning and static code analysis tools. • Implement systems for automated testing of software vulnerabilities and verification of OS security patches. • Assist product development teams in creating security documentation including Incident and Vulnerability Management Plans and Product Security White Papers. • Participate on product security incident response teams as appropriate. • Participate in technical design reviews and code inspections and provide clear, actionable feedback for project team members, including demonstrating proper coding practices. • Work with the project teams to develop necessary requirements, specifications and testing scope for OS configuration and patch verification for products. • Ensure quality in security test deliverables, including design, data summary and interpretation, report and document preparation and review for adherence to applicable regulations.

Quals--
Qualifications: Required • Minimum of a Bachelor’s Degree in Electrical Engineering, Computer Science or related engineering field. • Minimum of 5 years of experience in software development. • Minimum of 5 years of experience in product development within a quality management system. • Minimum of 3 years of experience in secure coding practices. • Knowledge of Windows networking fundamentals and experience with TCP/IP and sockets. • Demonstrated positive work ethic with a strong commitment to achieving project goals. • Excellent written and oral communication skills are essential. • Experience with the Agile / Scrum development lifecycle. Preferred • 2 years of experience developing with C# and .NET frameworks. • 2 years of experience with Agile / Scrum development lifecycle. • 2 years of experience in medical devices / regulated environment. • Experience with configuration and use of static code analysis and vulnerability scanning tools. • Knowledge of information security standards for product development.