Understand the overall technical capabilities of our products, typical deployment scenarios, and drive platform security posture improvement. Collaborate with product teams to create comprehensive product cybersecurity threat models. Guide security risk analysis including threat identification, severity scoring, and selection of appropriate controls to mitigate risks. Work closely with cross-functional teams, including Quality, Regulatory, and Marketing in driving alignment around medical device... more details
Work Flexibility: Remote
Who We Want:
Dedicated achievers - People who thrive in a fast-paced environment and will stop at nothing to ensure a project is complete and meets regulations and expectations.?
Curious learners -?People who seek out cutting-edge research and information to expand and enhance their ability to be ready for what’s next.?
Self-directed initiators –?People who take ownership of their work and need no prompting to drive productivity, change, and outcome and will stop and nothing to ensure a project is complete and meets regulations and expectations.?
Collaborative partners - People who build and leverage cross-functional relationships to bring together ideas, information, use cases, and industry analyses to develop best practices.?
What You Will Do:
Product Security is driven to make healthcare better by ensuring that Stryker designs, develops, and maintains industry leading cyber secure products for our customers. As a SeniorStaff Product Security Engineer, you will improve the safety, integrity, and resilience of medical devices developed by the Acute Care business unit at Stryker Medical and their embedded software. You will participate in project planning, product cybersecurity risk analysis, and risk mitigation strategies. You will lead various product cybersecurity tasks and activities established by product design controls and SDLC procedures and you will be involved in all facets of the product development life cycle. The ideal candidate is excited to protect our customers and their patients through the design and implementation of effective security controls.?
?
Key Responsibilities:?
Understand the overall technical capabilities of our products, typical deployment scenarios, and drive platform security posture improvement.?
Collaborate with product teams to create comprehensive product cybersecurity threat models. Guide security risk analysis including threat identification, severity scoring, and selection of appropriate controls to mitigate risks.?
Work closely with cross-functional teams, including Quality, Regulatory, and Marketing in driving alignment around medical device cybersecurity standards and regulations.??
Support all facets of product hardware and software security including system hardening, automated and manual penetration testing, vulnerability scanning, and issue remediation.?
Identify product vulnerabilities through design review, code review, and security testing.?
Lead and own vulnerability and incident response activities through assessing applicability, exploitability, and impact with product teams; developing POC exploits; and planning and executing mitigation and remediation to closure.?
Leverage and implement DevSecOps to create efficiencies in managing security posture of our products.?
Support cybersecurity documentation requests from legal and sales teams on an as-needed basis.?
Lead product teams on conversations from a security PoV. Author and contribute artifacts such as Security Assessment, MDS2, Security Risk, Threat Model, SBOM, OSS etc.?
Coordinate security war gaming activities with R&D product teams to enhance security practices and overall security posture throughout life of a product.
What You Will Need:
Basic Qualifications:
Bachelor's degree in Computer Science, Software Engineering, Electrical Engineering, Cybersecurity, or related discipline?
Minimum 6 years of related experience?
Demonstrated experience designing and securing embedded systems?
Strong understanding of embedded/IOT security relevant technologies (e.g. secure boot, FIPS 140-2 encryption, anti-tamper, TPM, code signing, TLS, PKI)?
Preferred Qualifications:
Experience working in medical device, health care, or other regulated industry.?
Knowledge of communication protocols and technologies like TCP/IP, Ethernet, Wi-Fi, Bluetooth, 3G, UWB, and CAN.?
Experience with Embedded Linux?
Proficiency with C/C++?
Familiarity with use of embedded security tools such as logic analyzers, protocol analyzers, disassemblers, Wireshark, Bus Pirate, ChipWhisperer, IDA, MetaSploit, etc.
$112k - $239ksalary plus bonus eligible + benefits. Actual minimum and maximum may vary based on location. Individual pay is based on skills, experience, and other relevant factors.
Travel Percentage: 10%Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer – M/F/Veteran/Disability.Stryker Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
We would like to take a second to Welcome You to Job Abstracts, the nation’s largest Pure Job Board. With over 3.1 million job listings from 15,000+ Companies & Organizations, we help job searchers find careers that match their interests. As an anonymous user, you have probably discovered how easy our system is to use. However, you have just scratched the surface of what we can offer.
We encourage you to Register so you can use our most powerful features: searching with multiple terms, setting up multiple locations, establishing favorite companies, and accessing your search history. If you find a job you like, you can apply directly for it, and then, keep notes on it. We will also keep a lookout for jobs that match your search terms and email you when we find something you may like.
You can register for free and the system is free to use. If you like our system so far, click on Register and unlock the power required by serious job searchers.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.
