Jobfoundry
Jobfoundry
Illumina

Senior Product Security Engineer

Illumina
BiotechSingapore - Woodlands - NorthCoastFull-time1 months ago
Apply Now

About the role

AI summarised

The Senior Product Security Engineer at Illumina ensures the security of medical devices and software solutions. Responsibilities include security testing, threat modeling, and vulnerability management. Requires 3+ years of product security experience, medical device security testing, and proficiency in security tools and scripting languages.

BiotechFull-timeGeneral

Key Responsibilities

  • Perform security testing of physical medical devices and interconnected cloud services.
  • Conduct product threat modeling exercises with development teams and provide expertise in risk remediation.
  • Write security testing reports summarizing results for manufacturing process systems and software validation projects.
  • Develop and communicate expectations for continuous vulnerability management: identification, triage, analysis, and remediation recommendations.
  • Evaluate existing controls to identify gaps and areas for improvement
  • Consult with Engineering and Development Teams on complex security problems.
  • Perform independent security research on genomic sequencing devices.
  • Drive security by turning findings into actions and deliverables.
  • Understand attack methods and vectors then translate those into test cases that may exploit software weakness or logic flaws and provide direction to development to resolve the issues
  • Document regulatory requirements for submission of products in development.

Requirements

  • Minimum 3+ years of application and product security experience with track record of delivering processes and solutions based on industry standard security concepts and best practice frameworks.
  • Experience with medical device security testing.
  • Work collaboratively with other engineers to automate software test cases within a maintainable test automation environment
  • Work with software developers, scientists, and domain experts in understanding requirements of the software and translating to test cases and automated test scripts
  • Understanding of OWASP Top 10 Web Application Vulnerabilities.
  • Proficient with Linux shell, PowerShell, Perl and/or Python
  • Coding experience with one or more of the following: .Net, Java, Perl, JavaScript
  • Experience with software security tools like nMap, Wireshark, Kali Linux, OpenVAS
  • Effective communicator delivering key messages to team stakeholders, and business partners using informative clear verbal and written communications
  • Experience with a medical device manufacturer or other relevant Regulated industry highly preferable
  • Bachelor's degree in computer science, engineering, or similar and relevant work experience
  • Professional qualifications highly preferred. Example: CISSP, CISM, CSSLP, or OSCP.