Senior Product Security Engineer
Olympus
- Brooklyn Park, MN
- $91,506-123,532 per year
- Permanent
- Full-time
- Plan, test, and implement advanced software security techniques in compliance with technical reference architecture.
- Organize on-going security testing and code review to improve software security.
- Detect, troubleshoot, and debug issues that arise.
- Prepare engineering designs and implement software solutions to help mitigate security vulnerabilities.
- Participate in the agile team's work at all levels of the architecture, development, testing.
- Develop and contribute to the maintenance of product threat models and security risk management activities through the pre-market phase.
- Serve as subject matter expert to the development teams, be security minded and raise the level of understanding and compliance.
- Collaborate with the team on the security testing strategy for newly developed and current Digital Unit products, which will include concepts such as, static code analysis, dynamic analysis, fuzz testing, compliance testing, penetration testing, etc.
- Provide help and consulting to team members on secure coding practices.
- Understand and apply all Olympus Quality System guidance related to product security.
- Ensure compliance with regulatory requirements, industry standards, and internal policies governing product security.
- Stay informed about new tools, regulations, standards, and best practices of the industry.
- Bachelor's degree in computer science, information technology, cybersecurity, or related area required, or minimum of 5 years' experience in a relevant industry.
- Minimum of 2 years' experience working as a Software Security Engineer position or minimum of 5 years' experience as a Software Engineer required.
- Other Considerations (travel/hours availability, etc.): Occasional travel may be required.
- Work time outside of “normal” work hours may be required from time to time.
- Experience with embedded technology and software security.
- Experience in using Secure Software Development Lifecycle (SSDLC) within agile framework.
- Expertise in threat modelling, security risk management, secure coding, secure system development, and DevSecOps
- Knowledge of application security and code analysis tools such as Veracode, SonarQube, BlackDuck, Cyberspect, Nessus or similar.
- Experience with security techniques, standards, and methods for authentication and authorization, applied cryptography, security vulnerabilities and remediation in Windows .NET and Azure environments.
- Knowledge of government and industry standards, guidance's and frameworks applicable to product software development such as NIST Cybersecurity Framework, OWASP, HIPAA, GDPR, SANS/CWE and/or CERT.
- Solid technical background and understanding of all aspects of security research and development.
- Excellent analytical and troubleshooting skills.
- Ability to work both independently and in a team environment.
- Excellent communication skills, oral and written.
- Able to work in a multi-discipline collaborative environment to include international colleagues and Olympus partners.
- Competitive salaries, annual bonus and 401(k)* with company match
- Comprehensive Medical, Dental, Visions coverage effective on start date
- 24/7 Employee Assistance Program
- Free virtual live and on-demand wellness classes
- Work-life balance supportive culture with hybrid and remote roles
- 12 Paid Holidays
- Educational Assistance
- Parental Leave and Adoption Assistance
- Volunteering and charitable donation match programs
- Diversity & Inclusion Programs including Colleague Affinity Networks
- On-Site Child Daycare, Café, Fitness Center**