We are seeking a working experience in either security testing, cybersecurity audit / advisory / consulting

Mandatory Skill

• Extensive working experience in either security testing, cybersecurity audit / advisory / consulting
• In-depth knowledge of Application Security and Infrastructure Security
• Experience in healthcare or medical device security.
• Must have expertise in Cyber Threat Intelligence, Threat Modelling, and Risk Management
• Product Security , SDLC security
• Should have proficiency in Network Penetration Testing, Vulnerability Assessment, and security product evaluation.
• Should have good communication skills.

Key Responsibilities:

• Conduct manual penetration testing of medical devices, software as a Medical Device (SaMD), and other healthcare software products & services
• Perform cybersecurity verification and validation (V&V) testing of the medical device or the healthcare product
• Utilize tools such as Veracode, Coverity, Black Duck, Burp Suite Pro, Postman, Tenable Nessus / Qualys, Nmap, Netsparker, Metasploit, SQLMap, Kali Linux tool suite and custom scripts through command line depending on the scope of the assessment to identify and/or exploit vulnerabilities and weaknesses
  
• Conduct security controls assessments and security risk assessments on new technologies and existing information systems in the Cloud and on-premise
• Responsible for secure product using risk analysis, threat modeling, source code analysis and penetration testing and vulnerability assessment
• Perform Cloud Infrastructure assessments e.g. AWS/ AZURE
• Provide cybersecurity advisory and support during the development stages of software systems, networks
• Manage comprehensive vulnerability management systems across all assets on-premise and in the Cloud
• Proactively implement security measures and controls within organizations, weighing the consequences of any action
• Protect system by defining access privileges, control structures, and resources
• Recognize problems by identifying abnormalities, report violations
• Implement security improvements by assessing current situation, evaluating trends, anticipating requirements
• Lead and manage the Cybersecurity team for the account.
• Work Closely with Client.

Desired skill

• Strong knowledge of the FDA Cybersecurity Risk Management Framework (RMF) will be an added advantage
  Knowledge of HIPAA, GDPR, US DoD, and other relevant cybersecurity compliance criteria
• Threat Modeling is preferred.
  Expertise in Cloud Security, and Application Security Architecture Review is preferable.

Experience: -

12+ Years experience

Location: -

Lake Forest, CA(Dayone Onsite)

Educational Qualifications: -

Bachelor's or Master's degree in Life Sciences, Computer Science, Engineering, or related fields.

Disclaimer: E-Solutions Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. We especially invite women, minorities, veterans, and individuals with disabilities to apply. EEO/AA/M/F/Vet/Disability