BD (Becton, Dickinson and Company) Principal Security Engineer in San Diego, California

Job Description SummaryProduct Security Engineer

Job Description

The Becton Dickinson [BU] business unit is seeking a Product Security Engineer to be part of a team responsible for implementing a product security framework supporting existing and future medical instrumentation and software. The right candidate is a positive, forward-looking person who must be self-directed requiring minimal daily direction, collaborates often and effectively with project team members, presents a positive and professional demeanor with customers, and excels at solving difficult problems.

The candidate will need to possess skills specifically related to implementation of security requirements and e.g., NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT Standards. The candidate shall be able to evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk.

  • The Product Security Engineer will participate in a full medical system development life cycle and adhere to a quality management system.

  • •Must to identify cybersecurity threats and perform analysis based on threat vectors and identified vulnerabilities and build solutions to reduce the risk level.

  • Must possess the skills to perform research independently, identify pertinent information for evaluation, and develop potential solutions and alternate courses of alternatives

  • Understanding of engineering principles for IT system development

  • Require broad knowledge of IT security principals that supports DevOps

  • Familiar with automated vulnerability scanning assessment tools and their operation to produce security artifacts

  • Must possess the skills to automate solutions using various scripting tools

  • Analyze system security architectures and make recommendations for security design and requirements that are compliant with applicable Security Technical Implementation Guides (STIGs) and other Federal and state standards.

  • Must have strong organizational skills and attention to detail, and possess exceptional ability to communicate effectively with peers, supervisors, managers, and customers within a team-oriented, collaborative environment.

  • Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

  • Familiarity with the Software Development Life Cycle (SDLC) and injection of security principles/processes within various development environments to achieve software assurance

  • Knowledge of Active Directory, virtual environment and cloud computing

Qualifications:

  • BS degree in Computer Science, Computer Engineering, Cyber Security, Information Technology, or other related engineering field is required

  • Minimum of 5 years of experience in cyber security, systems & architecture concepts and designs

Required Knowledge, Skills and Attributes:

  • Experience in system architecture understanding risk, mitigation and remediation

  • Knowledge of Windows Operating Systems and their environment

  • Knowledge of Active Directory framework

  • Highly desired understanding of virtualization and cloud technologies

  • Demonstrated understanding of developing in a regulated environment and adhering to a quality management system

  • Excellent written and verbal communication and interpersonal skills are essential

  • Demonstrated positive work ethic with a strong commitment to achieving project goals

Nice-to-Haves:

  • Experience working in a regulated (FDA) environment with medical instrumentation is a plus

  • Certification in InfoSec Security are a plus, e.g., CISSP, CSSLP

#LI-TECH

Primary Work LocationUSA CA - San Diego TC Bldg C&D

Additional Locations

Work Shift