Senior Principal Product Security Engineer, Cloud (Remote)

Apply for this position Please mention DailyRemote when applying
Posted 11 days ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description

Work Flexibility: Remote or Hybrid or Onsite

Product Security is driven to make healthcare better by ensuring that Stryker designs, develops and maintains industry leading cyber secure products for our customers. The enterprise program defines and governs the implementation and maintenance of security across the global product portfolio. These efforts enable Stryker to improve quality, while protecting the security, integrity, and resilience of our life-saving solutions.

What you will do-

The Senior Principal Product Security Engineer will report to the Head of Product Security and provide support across Stryker global businesses. In this role you will have the capability to directly influence technical innovation and enhance security maturity of our connected, software enabled products.
  • Monitor global regulatory changes and emerging technologies related to Medical Device Software (MDSW) and Medical Device Data Systems (MDDS).
  • Actively participate in standards working groups and reviews (i.e. AAMI, NH-ISAC, AdvaMed, ISO, etc.).
  • Acts as subject matter expert for Product Security focused on Stryker cloud technology components, resources, and services.
  • Research, select, test, and implement new technologies and tools that will be used to advance security across the company.
  • Facilitate the creation and/or implementation of technical requirements, solutions, tools, technical requirements, that enable a secure, regulatory compliant environment and applications.
  • Act as subject matter expert and consult, as necessary, with new product development (NPD) and sustain teams.
  • Prepare, publish, and train internal resources on key technologies, technical security requirements, and risks.
  • Advise leadership and development teams on the implementation security controls and capabilities necessary to support industry-leading security of cloud environment, services, and data protection..
  • Guide software technology and architecture standards related to Product Security (Software requirements specifications, Software Architecture Diagrams, Risk mitigation traceability).
  • Follows established quality measures to assess overall success of team and information security program and provides reports to leadership. Recommends changes to established quality measurements as appropriate.
  • Encourages ongoing skill development by providing opportunities for continued education.


What you need-

Minimum Qualifications:
  • Bachelor's Degree in Computer Science, Information Systems, Engineering or related field is required. (An advanced degree is preferred).
  • 10+ years of experience in product cyber security, software design, or embedded software engineering is required.


Preferred Qualifications:
  • Direct experience with Microsoft Cloud very strongly preferred
  • Strong, demonstrable security architecture, policy, and service experience with Microsoft Azure.
  • Knowledge of ISO/IEC, NIST, EU MDR/MDCG standards and requirements.
  • Knowledge of Secure Software Development Processes and Lifecycle for new product development
  • Experience in the integration of security integration in DevOps (DevSecOps)
  • Experience with risk management methodologies, trending, design control, threat modelling, vulnerability ranking, and product enhancements (bug fixes/ patch delivery)
  • Experience in developing and delivering detailed training and presentations
  • Demonstrated experience in developing and streamlining key aspects of quality system procedure definition to ensure compliance with applicable regulations
  • Experience with incident response teams and efforts, including documentation
  • Demonstrated knowledge of networks and network troubleshooting techniques
  • Demonstrated knowledge of SW Licensing and configuration management
  • Demonstrated knowledge of Program/Project Management
  • Experience in supporting regulatory compliance requirements and industry certifications (HITRUST, SOC2, ISO27k) are preferred.
  • CISSP, CSSLP, CCSP or Azure Security Engineer/AWS Certified Security, CEH or LPT or other security specific certifications are preferred.


This job may be performed remotely from anywhere in the United States, except that this job may not be filled or performed in Colorado.

#DREengineering

Travel Percentage: 10%

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer - M/F/Veteran/Disability.

Stryker Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

Stryker is driven to work together with our customers to make healthcare better. In order to fulfill our commitment as a federal contractor, while focusing on the health and safety of our employees and those that we serve, Stryker is encouraging US employees as well as all new US employees joining our company to be fully vaccinated against COVID-19. Today or in the future, vaccination may be a requirement based on the essential functions of the specific role or applicable regulations. Please refer to our COVID-19 Vaccination Requirements FAQs page for current vaccination and/or reasonable accommodation requirements and timelines.