Job Title: Cyber Security Lead

Experience: 12+ years

Location: Lake Forest, CA

What is in it for you?
We are seeking a seasoned professional with extensive experience in security testing, cybersecurity audits, advisory, and consulting.

Mandatory Skills:

• Extensive experience in security testing, cybersecurity audits, advisory, or consulting.
• In-depth knowledge of Application Security and Infrastructure Security.
• Experience in healthcare or medical device security.
• Expertise in Cyber Threat Intelligence, Threat Modeling, and Risk Management.
• Proficiency in Product Security and SDLC security.
• Strong skills in Network Penetration Testing, Vulnerability Assessment, and security product evaluation.
• Excellent communication skills.

Key Responsibilities:

• Conduct manual penetration testing of medical devices, Software as a Medical Device (SaMD), and other healthcare software products & services.
• Perform cybersecurity verification and validation (V&V) testing for medical devices or healthcare products.
• Use tools such as Veracode, Coverity, Black Duck, Burp Suite Pro, Postman, Tenable Nessus/Qualys, Nmap, Netsparker, Metasploit, SQLMap, and Kali Linux tool suite, alongside custom scripts to identify and exploit vulnerabilities.
• Conduct security control assessments and security risk assessments on new technologies and existing systems in the Cloud and on-premises.
• Ensure secure products through risk analysis, threat modeling, source code analysis, penetration testing, and vulnerability assessments.
• Perform Cloud Infrastructure assessments (e.g., AWS, Azure).
• Provide cybersecurity advisory and support during software system and network development.
• Manage comprehensive vulnerability management systems across all on-premise and Cloud assets.
• Implement proactive security measures and controls, considering organizational impacts.
• Protect systems by defining access privileges, control structures, and resources.
• Identify and report abnormalities and violations in systems.
• Implement security improvements by assessing current situations, evaluating trends, and anticipating requirements.
• Lead and manage the Cybersecurity team for the account.
• Work closely with the client to ensure robust cybersecurity practices.

Desired Skills:

• Strong knowledge of the FDA Cybersecurity Risk Management Framework (RMF) is an advantage.
• Knowledge of HIPAA, GDPR, US DoD, and other relevant cybersecurity compliance criteria.
• Threat Modeling experience (preferred).
• Expertise in Cloud Security and Application Security Architecture Review (preferred).

Educational Qualifications:

• Bachelor's or Master's degree in Life Sciences, Computer Science, Engineering, or related fields.