Overview:As a Product Security Engineer (PSE), you will play a critical role in the development of our medical devices by overseeing all aspects related to product security. You will be responsible for implementing security measures, conducting risk assessments together with the Product Security Risk Manager (PSRM), and ensuring compliance with industry regulations and standards. Your expertise will be essential in safeguarding our products against potential threats and vulnerabilities, thereby protecting patient safety and confidentiality.Key Responsibilities: Security Concept and Planning:Collaborate with cross-functional teams to develop a comprehensive security plan ensuring the security of our medical devices as part of the development activity. Define security requirements depending on the product’s risk level, technological complexity and usage context. Process Compliance:Ensure that Olympus internal PS processes are followed an executed at an appropriate level for quality and diligence. Consider industry best practices and usage of state of the art technology. Risk Assessment:Conduct thorough risk assessments to identify potential security vulnerabilities and threats together with the PSRM throughout the product development lifecycle. Utilize risk management frameworks to prioritize and address identified risks effectively. Security Architecture Design:Design and implement robust security architectures for our medical devices, including encryption protocols, access controls, and authentication mechanisms. Ensure that security measures are integrated seamlessly into the product design. Security Testing and Validation:Coordinate security testing activities, including penetration testing, vulnerability scanning, and code reviews, to evaluate the effectiveness of security controls. Analyze test results and collaborate with development teams to address any identified issues. Incident Response and Remediation:Be the contact person for the Product Security Manager (PSM) in case of incidents or identified vulnerabilities. Coordinate the investigation of incidents and vulnerabilities and the implementation of remediation measures within R&D. Security Awareness and Support:Promote a culture of security awareness within the project team. Support team members in developing secure products.Qualifications: Bachelor’s or Master’s degree in Computer Science, Information Security, Software Engineering or related field. Experience in product security engineering, preferably in the medical device industry. Knowledge of security principles, protocols, and technologies, including encryption, authentication, and network security. Familiarity with regulatory requirements and standards relevant to medical device security, such as FDA premarket guidance and IEC 62304 and 81001. Analytical and problem-solving skills, with the ability to conduct thorough risk assessments and develop effective security strategies. Excellent communication and collaboration skills, with the ability to work effectively across multidisciplinary teams. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
Job Title
Product Security Specialist