Product Security Engineer
Location: Hybrid in Wien - Handelskai (BD Cato)
Job Description Summary
This position involves improvements and automation in our ROWA department. Its a cross functional position, we work closely with compliance and regulatory affairs,.
This position will involve very technical aspects, compliance, cyber security, preparation of documents.
Job Description
A career at BD means learning and working alongside inspirational leaders and colleagues who are equally passionate and committed to fostering an inclusive, growth-centered, and rewarding culture. You will have the opportunity to help shape the trajectory of BD while leaving a legacy at the same time.
To find purpose in the possibilities, we need people who can see the bigger picture, who understand the human story that underpins everything we do. We welcome people with the imagination and drive to help us reinvent the future of health. At BD, you'll discover a culture in which you can learn, grow and thrive. And find satisfaction in doing your part to make the world a better place.
Become a maker of possible with us!
We are offering more flexibility! This position can be either full time or part time based on need and individual agreement.
Responsibilities:
- Educate engineering teams to understand security requirements and find practical solutions on how to implement into new and existing products
- Implement software security solutions and architect/design products in accordance with industry accepted standards for medical device security including encryption, disaster recovery, authentication, audit logging, hardening measures, patch management, and vulnerability monitoring.
- Lead product security risk assessments, hazard analysis, and provide vulnerability remediation guidance and mentoring to product development software engineers both on and off-site.
- Lead technical design reviews.
- Assist product development teams in creating Product Security documentation
- Assist product development teams regarding the approval of product security documentation in various document management systems.
- Assist product development teams and co-create Threat Models
- Become a subject matter expert for the security footprint of a product. Manage together with the product development team the security roadmap and keep track of milestones.
- Participate on product security incident response teams.
- Interface with other technical departments such as Penetration Testing Team, Systems, Hardware Engineering, Quality, and technical services
- Assure adherence to BD development policies and software quality procedures
- Supporting the Product Security Documentation process
- Please note this is a fixed term contract with End Date - 30.09.2025
Qualifications:
- BS degree in Computer Science, Computer Engineering, Electrical Engineering, other related engineering field or equivalent work experience required
- Minimum of 3 years of experience in IT-Security architecture, secure software development, systems & architecture concepts, and designs
Required Knowledge, Skills, and Attributes:
- Understand different software development mythologies and embed product security milestones into agile and waterfall development principles.
- Practical experience with Project Management
- Capability to build relationships with key personal in product development teams
- Good understanding of technical IT- and Cybersecurity aspects and the ability to explain technical risks to technical and non-technical audience
- Solid understanding of IT-Security domains
- Highly self-organized and ability to work in a complex matrix organization
- Understanding of networking and related security aspects and common attacks
- Demonstrated understanding of developing in a regulated environment and adhering to a quality management system
- Excellent written and verbal communication and interpersonal skills are essential
- Solid understanding of Microsoft Office products and tools
Nice-to-Haves:
- Experience with Security tools and distributions (BurpSuite, Nessus, NMAP, …)
- Experience with Dynamic and static code analysis tools
- Knowledge of Completing a track Trace and plan using a Security Requirements Traceability Matrix (SRTM) or similar tool with the goal of tracking
- Experience working in a regulated (FDA, MDR) environment with medical instrumentation is a plus
- Work experience in network security along networking fundamentals (IP protocol, firewalls etc.) strongly desired
- Recognized Security certifications (CISSP, CEH, CSSLP etc.)
The minimum annual gross salary for this position is EUR 52.136,- (IT KV ST1 Regelstufe). Based on individual skills and experience, we offer appropriate additional payment.
Click on apply if this sounds like you!
Becton, Dickinson and Company is an Equal Opportunity/Affirmative Action Employer. We do not unlawfully discriminate on the basis of race, color, religion, age, sex, creed, national origin, ancestry, citizenship status, marital or domestic or civil union status, familial status, affectional or sexual orientation, gender identity or expression, genetics, disability, military eligibility or veteran status, or any other protected status.
To learn more about BD visit: https://bd.com/careers