Principal Cybersecurity Software Systems Engineer

Job description

Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 103,000 colleagues serve people in more than 160 countries.

JOB DESCRIPTION:

We are looking for an experienced a Principal Cybersecurity Software Systems Engineer with good experience in developing strategy and techniques to support secure system development for medical devices / medical Instruments. The candidate should have strong experience in software development and in the field of cyber security.

Responsibilities:

• Responsible in applying an interdisciplinary, collaborative approach to plan, design, develop validate and verify Cyber solutions across the life cycle.
• Responsible to provide cyber security risk assessment for customers.
• Responsible for developing Product cyber Road Map
• Responsible to conduct cyber risk assessment activities including threat modeling, vulnerability analysis and analysis of mitigation solutions
• Responsible to develop, evaluate and analyze design constrains, trade-offs and detailed system and security design.
• Responsible for working within a collaborative, multi-discipline environment to produce secure deliverable products as part of an Agile team
• Responsible to conduct cyber security test and evaluation of hardware and/or software designs to verify and validate compliance with defined specifications and requirements.
• Employ cyber security processes, methods, techniques and tools and assure their consistent application.
• Drive efficiency through standardization, automation, documentation, and cross-training
• Analyze source code, test data, and security scan reports for vulnerabilities and develop/implement mitigations

Required Experience, Education, etc.:

• Bachelor’s Degree in computer science or similar curriculum
• Must have strong software design skills and have a good understanding of Object-Oriented Programming concepts.
• Must be able to apply SDLC concepts and have a proven track record of delivering solid, robust applications
• 10+ years of experience in programming in C#, Python or other scripting language and SQL
• 5+ years’ experience in performing cybersecurity activities in support of software and system requirements, design, development, testing, and sustainment.
• Knowledge of DoD cybersecurity requirements, DISA STIGs, policies, and procedures.
• Knowledge of Threat modeling, vulnerability and compliance assessments and mitigation
• Knowledge of attack and counter measure and system protection plans.
• Experience in working in multilayer architecture and multiple subsystem environments.
• Experience in agile and lean delivery concepts and methodologies, and a history of successfully applying this knowledge to deliver applications 
• Experience in working in continuous integration and deployment environment.
• Experience with Secure Configuration/Hardening of Systems.
• Experience in unit testing using tools like NUnit and mocking frameworks like Moq
• Experience in Atlassian suite – Bamboo, JIRA, Bitbucket and confluence
• Must have strong interpersonal, analytical, problem solving and organizational skills, and the ability to independently work as a contributing member in a high-paced and focused team.
• Strong written and verbal communication and presentation skills

Preferred Experience:

• Experience in working in medical device / medical instrument development and/or similar experience from highly- regulated manufacturing companies / industries, e.g. Defense/Aerospace, Aviation, etc.
• Experience in NIST Risk Management Framework and Software Assurance measures and practices.
• Experience in IEC62304 standards, cryptographic standards and methods, detailed knowledge cryptographic key management

JOB FAMILY:

DIVISION:

LOCATION:

ADDITIONAL LOCATIONS:

WORK SHIFT:

TRAVEL:

MEDICAL SURVEILLANCE:

SIGNIFICANT WORK ACTIVITIES: