What are the responsibilities and job description for the Product Security Engineer II position at Bracco Medical Technologies?

Product Security Engineer II

Twitter

Message

Why Join Bracco Medical Technologies?

At Bracco Medical Technologies, every employee has an impact on our Mission to empower lifesaving

decisions. We create medical devices that give healthcare providers the

insights they need to confidently and safely diagnose patients. Our unique line

of products includes Intravascular Ultrasound (IVUS), Fractional Flow Reserve

FFR), Cardiovascular Imaging contrast delivery (CVi), and CT and MRI contrast

delivery systems.

Position Description

Position Summary :

As a member of Bracco Medical Technologies (BMT)'s Product Security Team, this role is responsible for driving the maturity of BMT's vulnerability management and incident response program.

This role provides the opportunity to work cross functionally with a variety of stakeholders, including product development teams, service, and sales, and contribute to product security team deliverables and activities both at the post market and premarket stage such as threat modeling, security testing and security risk management.

Primary Duties & Responsibilities :

Engage in security research and develop tooling to enhance the post market product security capability to detect and risk assess security vulnerabilities.
Generate and manage Software Bill of Materials (SBOM) across multiple platforms
Detect and triage root cause and risk assess vulnerabilities found in SBOMs communicating across multiple functions in order to drive remediations on vulnerabilities detected.
Architect solutions to remediate post market security vulnerabilities and engage cross functional stakeholders for remediation planning.
Be part of PSIRT team, lead CVD and incident response on BMT products.
Supports the integration of incident response and vulnerability management process into the Quality Management System.
Develop training for cross functional stakeholders engaged in the Incident Response and Vulnerability Management Process and conduct tabletop exercises.
Partner with the product and software engineering teams in premarket security activities to assist with design reviews, threat modeling, penetration testing, code reviews, security issues remediation, and other security related activities.
Support software developers, system engineers and hardware / firmware engineers across business units on their premarket security practices and provide guidance regarding mitigations to emerging threats and remediation planning.
Other duties and responsibilities as required to support the changing security needs of the organization.

Qualifications (Knowledge, Skills & Abilities) :

Minimum

Bachelor of Science in Computer Engineering, Computer Science, Software Engineering, Electrical Engineering, Computer Systems Engineering, or a related discipline.

3 years' experience in systems security administration control and / or software engineering experience or other related experience

2 years' experience in vulnerability management and incident response, product security architecture, security testing, security consultancy, or equivalent.

Have knowledge of industry standards and frameworks such as OWASP, NIST, SANS, MITRE ATT&CK, UL 2900 etc

Have experience in SBOM scanning and automation

Demonstrated problem-solving ability

Strong collaboration skills with the ability to work cross functionally.

Ability to communicate effectively with a variety of stakeholders

Strong interpersonal and communication skills

Strong technical writing and presentation skills

Preferred

Embedded system, firmware and IoT security

Vulnerability management on products

Development experience in C#, C or Java

Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE) or Offensive Security Web Expert (OSWE) certification

Cloud security experience

Other

Travel up to 10% domestic and international

Compensation & Total Rewards :

Estimated Starting Salary Range : $110,000 - $120,000

Estimated Starting Salary Range is reflective of the range Bracco Medical Technologies reasonably expects to pay for the position. The range provided is based on salary and market data specific to the position.

Total Rewards :

Paid Time Off, Company Holidays & Paid Family Leave - We provide PTO and Company Holidays to help you recharge, relax and do what's important to you, when it's important to you. Our 100% paid family leave options for parents, grandparents and eligible family members provide support for growing families as well.

Achieve - Beyond competitive compensation, we offer options to help you plan for a financially secure future, including an annual incentive plan and 401k savings plan contributions.

Live well - We offer comprehensive benefit options to help protect you along the way, including medical, dental, vision, and life insurance, employer HSA contributions, employee assistance program, short-term disability, etc.

Evolve - Through structured on-the-job learning, workshops, seminars, and our tuition reimbursement program, you'll find many opportunities to grow, personally and professionally.

Choose - You won't find "stuffy" here-whether your position requires a hybrid or in-the-office working arrangement. That means business casual for your attire and flexibility in your schedule, wherever possible.

Job Location

7905 Fuller Road, Eden Prairie, Minnesota

Tracking Code

1348-432

Salary : $110,000 - $120,000

Apply for this job

Receive alerts for other Product Security Engineer II job openings

Product Security Engineer II

What are the responsibilities and job description for the Product Security Engineer II position at Bracco Medical Technologies?

What is the career path for a Product Security Engineer II?

Job openings at Bracco Medical Technologies

Not the job you're looking for? Here are some other Product Security Engineer II jobs in the Prairie, MN area that may be a better fit.

We don't have any other Product Security Engineer II jobs in the Prairie, MN area right now.

AI Assistant is available now!