Job Title: Product Security Engineer Job Description The Product Security Engineer will be responsible for the implementation of the enterprise Product Security strategy and framework throughout the orthopedics portfolio. This includes identifying key strategy and goals, collaborating with internal organizations to enhance existing processes and policies, creating and communicating metrics to management, and driving overall awareness of the capability. Specific responsibilities include supporting R&D teams throughout new product development phases, reviewing product security requirements, and recommending security design solutions. The role also involves assisting with the completion of Quality documentation, performing threat modeling, penetration testing, software architecture review, and providing design recommendations. The engineer will conduct code analysis and other security testing as needed. Additionally, post-market responsibilities include monitoring for new vulnerabilities, assisting with patching and remediation plans, and responding to customer security questionnaires and reviewing security language within contractual agreements. Responsibilities + Support the Global Product Security Framework: Contribute to and enhance the global security strategy, frameworks, and initiatives to ensure embedded medical devices are developed with the highest security standards. + Collaboration & Process Improvement: Partner with internal organizations (engineering, product management, compliance) to improve existing security processes and policies related to medical device development and post-market support. + Metrics & Reporting: Create, track, and present Product Security metrics to management, providing insights into security posture and progress towards goals. + Governance & Compliance: Help carry out the Product Security governance model for both pre-market and post-market devices, ensuring compliance with regulatory standards (FDA, 510k, etc.) and industry best practices. + Vulnerability Management & Remediation: Manage and prioritize vulnerabilities across the product portfolio, assisting engineering teams in developing and executing effective remediation plans. + Due Diligence & Threat Modeling: Conduct due diligence activities, threat modeling, and risk assessments for new and existing products to identify potential security gaps. + Customer & Vendor Interactions: Respond to customer security questionnaires, contractual language requirements, and ensure compliance with relevant security standards. + Post-Market Security Activities: Monitor and respond to new vulnerabilities in marketed devices, assist with patching and remediation efforts, and collaborate on customer security questionnaires and contractual obligations. + Other Duties: Perform additional security-related tasks as assigned. Essential Skills + A minimum of a Bachelor's degree in Computer Science, Engineering, or a related field is required; MS or advanced degree is preferred. + A minimum of 5 years in security and/or embedded software engineering functions, with a focus on product security in regulated environments (medical devices is a plus). + Understanding of threat modeling, and vulnerability management. + Experience with vulnerability scanning, penetration testing, and risk assessment tools (CVSS, OWASP, etc.). + Knowledge of Software Bill of Materials (SBOM) and how it relates to security and compliance. + Understanding of medical device security requirements, including FDA regulations, 510k submissions, and Quality Design Control processes. + Familiarity with threat modeling, risk management frameworks, and vulnerability management for medical devices. + Strong interpersonal and collaboration skills with the ability to communicate complex technical concepts to non-technical stakeholders. + Proven ability to influence cross-functional teams to drive security improvements and achieve desired outcomes. + Experience creating and presenting security metrics and reports to management. Additional Skills & Qualifications + CISSP, CEH, MCSD, CSSLP, or similar security certifications (preferred, not required). Work Environment Remote Pay and Benefits The pay range for this position is $60.00 - $62.50/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision• Critical Illness, Accident, and Hospital• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available• Life Insurance (Voluntary Life & AD&D for the employee and dependents)• Short and long-term disability• Health Spending Account (HSA)• Transportation benefits• Employee Assistance Program• Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type This is a fully remote position. Application Deadline This position is anticipated to close on Feb 5, 2025. About Actalent Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 30,000 consultants and more than 4,500 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500. Diversity, Equity & Inclusion At Actalent, diversity and inclusion are a bridge towards the equity and success of our people. DE&I are embedded into our culture through: + Hiring diverse talent + Maintaining an inclusive environment through persistent self-reflection + Building a culture of care, engagement, and recognition with clear outcomes + Ensuring growth opportunities for our people The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law. If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please email actalentaccommodation@actalentservices.com (%20actalentaccommodation@actalentservices.com) for other accommodation options.