Lead Senior Software Engineer – Cyber/Product Security
Are you looking for a role in a global medical technology company that researches creates and develops specialised devices, software solutions and systems that save and improve lives. At BD you will be part of a Global team with one mission, improving access to groundbreaking medical and biotechnology services. Working at BD, you can be confident that you will be advancing the world of health, helping all people live healthy lives.
We are looking for talented individuals like you to join our new research and development (R&D) Centre of Excellence in Limerick. Positions include product and software development, clinical research instrumentation and prototype development, primarily for our Life Sciences segment.
If this sounds like you and you’re eager to play a part in BD’s exciting journey we have a place for you. Here you’ll find cutting-edge technology and the creative environment you need to be inspired and tap into your inner genius. Join us and be amazing.
We are looking for a talented Lead Senior Software Engineer to manage a team responsible for implementing a product security framework supporting existing and future medical instrumentation and software. The candidate will need to possess software development skills specifically related to implementation of security requirements and secure coding standards, e.g., NIST SP 800-53, ISO/IEC 27001, OWASP, SEI CERT, and MS Secure Coding Standards. The candidate shall be able to evaluate product designs and provide solutions to remediate security vulnerabilities through product security risk assessments, vulnerability scans, and static code analysis. In addition to security solutions for new product development, the role requires remediating vulnerabilities with existing products which requires detailed attention to implementation and product risk. The Cyber/Product Security Software Engineer will participate in a full medical software development life cycle and adhere to a quality management system.
DUTIES AND RESPONSIBILITIES:
- Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers.
- Implement software security solutions and architect/design products in accordance with industry accepted standards for medical device security including: encryption, recovery, authentication, audit logging, hardening measures, patch management, vulnerability monitoring, and antivirus/antimalware.
- Develop and administer software engineering procedures and training for vulnerability scans and static code analysis
- Assist product development teams in creating Incident and Vulnerability Management Plans and Product Security White Papers
- Participate on product security incident response teams.
- Interface with other technical departments such as Penetration Testing Team, Systems and Hardware Engineering
- Interface with Quality and Technical Service
- Demonstrate proper secure coding practices driving standards within the software engineering organization
- Collaborate with other BD resources to ensure effective design and implementation goals.
- Lead technical design reviews and code inspections. Provide clear, actionable feedback for project team members
- Assure adherence to policies and software quality procedures
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, or other related engineering field is required
- Experience of leading and managing a team
- Minimum of 5 years of experience in software development, systems & architecture concepts and designs
- Minimum of 5 years work experience in product development
- Minimum of 5 years work experience with C#/.NET development
- Minimum of 3 years work experience using secure coding practices
- Experience with TCP/IP, encryption, and socket development
- Knowledge of Windows networking fundamentals (IP protocol, switches, routers)
- Demonstrated understanding of developing in a regulated environment and adhering to a quality management system
- Excellent written and verbal communication and interpersonal skills are essential
- Demonstrated positive work ethic with a strong commitment to achieving project goals
- Experience working in a regulated (FDA) environment with medical instrumentation is a plus
- Candidate for or certification in InfoSec Security are a plus, e.g., CISSP, CSSLP
- Experience with static code analysis tools
- Work experience in network security strongly desired
Becton Dickinson is a global medical technology company. We create specialized devices, solutions and systems for different needs across the healthcare continuum. But we serve all of them with one single and relentless human purpose: advancing the world of health. This single purpose drives each of our employees around the world in making a difference in the lives of millions.
We are expanding our footprint across Ireland which a new state of the art office opening in the next few months. Join us and be part of a passionate team of individuals dedicated to improving the lives of people all around the world.
Our people have discovered the difference, now its your turn!