Product Security Engineer
Job Description
Product Security Engineer 3 at Hologic, onsite in San Diego, CA, within the DevSecOps Center of Excellence, focused on threat monitoring, vulnerability assessments, and embedding security into diagnostics products.
Responsibilities
- Monitor the threat landscape and assess risk to Hologic products.
- Conduct and document vulnerability assessments against cyber attacks on Hologic products; provide support to product teams.
- Support product development efforts addressing security and network vulnerability issues.
- Develop and execute thorough test procedures to qualify operating system patches and antivirus software; design and automate tests in lab environments as needed.
- Educate sales and service teams on network security and virus protection topics.
- Collaborate with software engineers to define and implement security requirements.
- Coordinate with Engineering and Field Service resources to qualify networked Hologic products to meet customer performance expectations.
Requirements
- Bachelor's or Master's degree in Computer Science, MIS, Engineering, or a related technical field, with 4 to 8 years of relevant experience.
- Strong foundation in computer and network security.
- Experience administering computer networks.
- Proficiency with Microsoft Windows and Linux operating systems.
- Experience in software application testing and maintenance.
- Experience with cybersecurity risk assessment.
- Experience with enterprise-grade computer network infrastructure.
Technologies
- Microsoft Windows
- Linux
The Right Candidate for Us Will
- Possess the discipline to continually monitor security threats, assess risk to Hologic products, and disposition risk per quality procedures.
- Effectively troubleshoot and diagnose issues associated with networked, computer-based products.
- Be willing to travel to Hologic offices, training events, and customer sites.
- Work with some supervision while aligning with strategic intentions and corporate priorities.
- Have a solid understanding of network design concepts and hands-on knowledge of security analysis and protection tools.
Qualifications and Experiences We Would Like From You
- Advanced degree in Computer Science, MIS, Engineering, or a related technical field with 4–8 years of relevant experience.
- Computer and network security experience.
- Experience administering computer networks.
- Proficiency with Microsoft Windows and Linux operating systems.
- Software testing and maintenance experience.
- Cybersecurity risk assessment experience.
- Experience with enterprise computer network infrastructure.
- Desirable but not essential: Medical information system administration.
- Desirable but not essential: Software verification in a regulated industry.
- Desirable but not essential: PACS, DICOM, ASTM, HL7, EMR, EHR, or medical informatics experience.
- Desirable but not essential: Technical support to Field Service and/or end-users.
- Desirable but not essential: Security certifications such as CISSP.
- Desirable but not essential: OS and networking certifications (Windows, Linux, Cisco).
- Desirable but not essential: Experience in the healthcare industry (provider or medical equipment vendor).