Product Security Specialist

Project

In this project you will join an international team working on networked and interoperable system, that is actively contributing in providing innovative solutions used in hospitals and large clinics.

Work

As a Product Security Specialist, you will be coordinating requirements and activities with Cross Functional Teams and Product Security Manager to get the needed improvements included in next available release. At the same time, you will be responsible for analyzing software products regarding cybersecurity risks, identifying attack targets, attack vectors and security gaps, assessing their severity and designing suitable security measures. You will also have to translate global standards, regional laws and international approval regulations for the development teams of our products as well as focus on the security-relevant technical and regulatory aspects of the software and be responsible for the associated approval-relevant documentation.

For this position we are looking for a Specialist who has knowledge in the field of cyber security as well as:

• Knowledge of common methods and techniques in theory, e.g. threat analysis according to STRIDE and the assessment of security gaps using CVSS
• Experience with threat modeling, security risk evaluations, and vulnerability assessments for new and existing products and systems. Prior experience facilitating the identification and prioritization of security risks
• Experience overseeing security related activities, such as penetration testing and vulnerability scanning. As well as, analyzing results to identify security gaps and provide actionable recommendations to ensure compliance with security requirements
• Experience with international standards such as NIST, FDA Cybersecurity Guidance, IEC 81001-5-1, 60601-4-5 and ISO 27001 would be considered a big plus. Experience in creating, updating and posting Manufacturer Disclosure Statements for Medical Device Security (MD32) and other required customer-facing documents as required in company cybersecurity processes would be a plus
• Possesses fluent English skills.

Our offer

• Support – You will have a QuaDigi buddy by your side
• Flexibility – Flexible working hours, vacation schedule, remote or onsite work
• Online and offline training/workshops and other knowledge sharing possibilities
• Additional health and personal accident insurance
• Snacks and fun activities in the office
• Additional time off
• Sport budget
• Loyalty benefits and perks
• Agile, friendly and international environment
• Gross salary in a range of 3800 - 5600 Eur (based on competency levels in accordance with the company’s internal salary policy).