Product Security Engineer - Robotics/Ortho

Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living.

We're on the lookout for hard-working individual who is ready to make an impact in medical equipment industry. If you're eager to be part of a dynamic environment that fosters growth and collaboration, look no further. Explore our latest job opening for Product Security Engineer - Robotics/Ortho role and you will as Product Cybersecurity Engineer - Robotics/Ortho focus on product security tooling, will provide hands on cybersecurity tool engineering in support of the Product Security team with the goal of ensuring Smith + Nephew products and their data is secure and resilient to cybersecurity threats. We encourage you to apply for this exciting opportunity.

What will you be doing?

• Your will collaborate with a diverse cohort of internal stakeholders to design, engineer, and ensure implementation of security tools that are utilized through the entire product lifecycle (e.g. threat model, Static Application Security Testing, Dynamic Application Security Testing, Software Composition Analysis).
• You will be responsible for running security scans (e.g. Static Application Security Testing, Dynamic Application Security Testing, Software Composition Analysis) and support the creation of Software Bill of Materials (SBOMs) based on an understanding of the products and the tools.
• Technical Cybersecurity Architecture and Engineering Services - Lead the strategy and ensure the maintenance of cybersecurity tools in support of multiple Smith + Nephew technologies, capital devices, digital accessories, connected infrastructures and software applications.
• Product Security Testing and Assessment - Lead the execution and integration of cybersecurity testing and assessment activities throughout the development lifecycle - which includes but is not limited to Static Application Security Testing, Dynamic Application Security Testing, and Software Composition Analysis.
• Vulnerability response support - Provide technical expertise in evaluating and assessing potential vulnerabilities, support vulnerability response efforts, and effectively communicate risks and mitigation strategies to the business.
• Secure-Software Development Life Cycle - Help develop and mature Global Product Security Strategy and Secure-Software Development Life Cycle (S-SDLC) to ensure robust cyber security controls are present and effective in our products from product conceptualization through commercial launch and ultimately product/product family decommissioning.
• Threat model - Provide technical leadership and competency in creating comprehensive threat models using industry-standard methods in close collaboration with the product teams and the product security engineers.

What will you need to be successful?

• Education: Bachelor's or equivalent experience or Master’s degree in Computer Science or Information Technology.
• Licenses/Certifications: Current CISM, CISSP, CRISC, or similar certification preferred.
• Experience: Minimum 3+ years of experience in hands-on cybersecurity experience.
• Strong understanding of mitigating security controls.
• Vulnerability Management, Penetration Testing, Code Security.
• Good to have - FDA and other medical device regulators experience. Knowledge of cyber security standard frameworks such as HIPAA, FDA, ISO 27001/2, NIST CSF, and OWASP.
• Understanding of network infrastructure, including firewalls, web proxy and/or email architecture- particularly as they apply in a mitigating control functionality.
• Experience with different cloud computing platforms and the cloud security framework. Ability to design, recommend, plan, guide, and support implementation of innovative security solutions.
• Understand the current Medical Device market, including what customers want to see with regards to product security.
• Understanding of back-channels typically used by threat actors for malicious activity. Understanding of different connectivity protocols and any risks involved with them.
• Superb communication, collaboration, and relationship building and collaborator engagement skills. Experience in being able to manage and prioritize multiple tasks in an effective manner.
• Ability to work independently and proactively without daily direction.
• Working from Office for 2 days - Hybrid - Kharadi, Pune.
• Shift Timings - UK shift (12:30 PM to 9:30 PM IST).

You. Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion + Belonging - Committed to Welcoming, Celebrating and Thriving. Learn more about our Employee Inclusion Groups on our website https://www.smith-nephew.com/

Other reasons why you will love it here!

• Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents / Parents in Law’s Insurance, Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.

#YS1

Stay connected by joining our Talent Community.

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.  

Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our website and learn more about our mission, our team, and the opportunities we offer.