Insulet Corporation

  • Sr. Staff / Principal Product Security Engineer

    Job Locations US-CA-San Diego | US-CA-San Diego
    Posted Date 6 months ago(10/29/2018 2:38 PM)
    Category
    Research & Development
  • Position Summary

    Insulet is a leading developer and manufacturer of wearable, connected medical devices and is seeking a seasoned product security expert to support its R&D teams in developing next-generation IOT solutions.

     

    In this role the Sr Staff/Principal Product Security Engineer is responsible for architecting, designing, and leading implementation of Insulet’s product security framework. The right candidate is a natural systems thinker, capable of analyzing and developing responses to security threats originating from IOT (BLE), mobile, and server nodes of the Insulet product system.

     

    The candidate must be able to lead and evaluate product designs and provide solutions to remediate security vulnerabilities through risk analysis, penetration testing, and static code analysis.

     

    Responsibilities

    • Lead product security risk assessments, hazard analysis, thread modeling, and provide vulnerability remediation guidance to software engineers

     

    • Design security system improvements and enhancements
    • Perform vulnerability testing and assessments on product and system designs
    • Participate and contribute to product security incident response and related activities
    • Lead technical design review and code inspections and provide clear, actionable feedback to engineers
    • Work with internal and external security teams to design, document, and promote security by design practices within Insulet
    • Stay current on related mobile and medical device security technology and threats

     

    Education and Experience

    Minimum Requirements:

    • Bachelor's degree in math, computer science, engineering, or related discipline
    • Minimum of 3 years of medical device product development experience
    • Minimum of 7 years software security experience

    Skills/Competencies:

    • Knowledgeable of security requirements and secure coding standards including (NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT
    • Extensive cryptography experience
    • Knowledge of typical networking, mobile, and connectivity protocols
    • Experience with BLE (Bluetooth Low Energy)
    • Extensive PKI experience
    • Knowledge of mobile software development and tools for Android and iOS

     

    Physical Requirements:

    • Travel overnight(s) as necessary both domestically and internationally to support project goals (up to 20%) 

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed