We are seeking a working experience in either security testing, cybersecurity audit / advisory / consulting

Mandatory Skill

• Extensive working experience in either security testing, cybersecurity audit / advisory / consulting
• In-depth knowledge of Application Security and Infrastructure Security
• Experience in healthcare or medical device security.
• Must have expertise in Cyber Threat Intelligence, Threat Modelling, and Risk Management
• Product Security , SDLC security
• Should have proficiency in Network Penetration Testing, Vulnerability Assessment, and security product evaluation.
• Should have good communication skills.

Key Responsibilities:

• Conduct manual penetration testing of medical devices, software as a Medical Device (SaMD), and other healthcare software products & services
• Perform cybersecurity verification and validation (V&V) testing of the medical device or the healthcare product
• Utilize tools such as Veracode, Coverity, Black Duck, Burp Suite Pro, Postman, Tenable Nessus / Qualys, Nmap, Netsparker, Metasploit, SQLMap, Kali Linux tool suite and custom scripts through command line depending on the scope of the assessment to identify and/or exploit vulnerabilities and weaknesses
• Conduct security controls assessments and security risk assessments on new technologies and existing information systems in the Cloud and on-premise
• Responsible for secure product using risk analysis, threat modeling, source code analysis and penetration testing and vulnerability assessment
• Perform Cloud Infrastructure assessments e.g. AWS/ AZURE
• Provide cybersecurity advisory and support during the development stages of software systems, networks
• Manage comprehensive vulnerability management systems across all assets on-premise and in the Cloud
• Proactively implement security measures and controls within organizations, weighing the consequences of any action
• Protect system by defining access privileges, control structures, and resources
• Recognize problems by identifying abnormalities, report violations
• Implement security improvements by assessing current situation, evaluating trends, anticipating requirements
• Lead and manage the Cybersecurity team for the account.
• Work Closely with Client.

Desired skill

• Strong knowledge of the FDA Cybersecurity Risk Management Framework (RMF) will be an added advantage
  Knowledge of HIPAA, GDPR, US DoD, and other relevant cybersecurity compliance criteria
• Threat Modeling is preferred.
  Expertise in Cloud Security, and Application Security Architecture Review is preferable.