Software Engineer at STERIS Corporation in Mentor, OH
Description:
At STERIS, we help our Customers create a healthier and safer world by providing innovative healthcare and life science product and service solutions around the globe. Position Summary Join an organization and a team where you can have an impact on creating a healthier and safer world. As a Senior Software Engineer within the Infection Prevention Technology (IPT) Team you will work within a software development team to achieve and maintain the security of medical equipment connected to local hospital networks and remote applications in the cloud. You will be an active participant in the corporate cybersecurity working group to share best practices, software tools, vendor selection, and other cybersecurity related activities. The Sr. Software Engineer will also support multiple product development and product sustaining teams in security related product requirements, design specifications, risk analysis, and verification, as well as develop work instructions for the maintenance and verification of security for product software. Duties Leads product development teams in the development of a product cybersecurity plans per STERIS work instructions Supports product development teams in creation of product cybersecurity threat model based upon software system design Leads product development teams in creation of cybersecurity vulnerability assessments to calculate CVSS scores and specify risk controls Supports teams in creation of documentation of cybersecurity risk management file Keeps abreast of state of the art cybersecurity practices and latest standards and verification techniques Maintains regular, periodic vigilance of latest vulnerabilities in third party software and works with Regulatory and Quality teams to action to patch or develop work arounds for new vulnerabilities posing unacceptable risk Performs regular, periodic product security testing against STIGs for products sold into DOD medical centers Performs vulnerability scans on all device software prior to production release Patches fielded product software and performs or oversees verification of patched software (static/dynamic analysis, regression testing, vulnerability scans, etc.) Assists product development teams in penetration and fuzz testing of new products containing software Participates in design and code reviews and/or inspections to ensure proper implementation of security control measures defensive coding practices. Maintains MDS2 forms (Manufacturer Disclosure Statement for Medical Device Security) and/or white papers that describe product security characteristics and processes used to ensure a secure product. Required Experience o Bachelor in Computer Engineering, Computer Science, Software Engineering, Electrical Engineering, or Cybersecurity required. (A degree in another Engineering or Scientific discipline may be acceptable with proven software education and/or training and demonstrated software experience.) o Requires 3
years overall of related software engineering experience in development and/or verification Preferred Experience o Certification or training in software security is highly desirable o Significant course work or at least 1 year of direct experience in the cybersecurity field desirable o 3
years experience of software development in C, C++, or C# highly desirable o 2
years experience in network communication interfaces desirable o Experience performing risk assessments desirable
Salary Range:
$80K -- $100K
Minimum Qualification
Software DevelopmentEstimated Salary: $20 to $28 per hour based on qualifications.
At STERIS, we help our Customers create a healthier and safer world by providing innovative healthcare and life science product and service solutions around the globe. Position Summary Join an organization and a team where you can have an impact on creating a healthier and safer world. As a Senior Software Engineer within the Infection Prevention Technology (IPT) Team you will work within a software development team to achieve and maintain the security of medical equipment connected to local hospital networks and remote applications in the cloud. You will be an active participant in the corporate cybersecurity working group to share best practices, software tools, vendor selection, and other cybersecurity related activities. The Sr. Software Engineer will also support multiple product development and product sustaining teams in security related product requirements, design specifications, risk analysis, and verification, as well as develop work instructions for the maintenance and verification of security for product software. Duties Leads product development teams in the development of a product cybersecurity plans per STERIS work instructions Supports product development teams in creation of product cybersecurity threat model based upon software system design Leads product development teams in creation of cybersecurity vulnerability assessments to calculate CVSS scores and specify risk controls Supports teams in creation of documentation of cybersecurity risk management file Keeps abreast of state of the art cybersecurity practices and latest standards and verification techniques Maintains regular, periodic vigilance of latest vulnerabilities in third party software and works with Regulatory and Quality teams to action to patch or develop work arounds for new vulnerabilities posing unacceptable risk Performs regular, periodic product security testing against STIGs for products sold into DOD medical centers Performs vulnerability scans on all device software prior to production release Patches fielded product software and performs or oversees verification of patched software (static/dynamic analysis, regression testing, vulnerability scans, etc.) Assists product development teams in penetration and fuzz testing of new products containing software Participates in design and code reviews and/or inspections to ensure proper implementation of security control measures defensive coding practices. Maintains MDS2 forms (Manufacturer Disclosure Statement for Medical Device Security) and/or white papers that describe product security characteristics and processes used to ensure a secure product. Required Experience o Bachelor in Computer Engineering, Computer Science, Software Engineering, Electrical Engineering, or Cybersecurity required. (A degree in another Engineering or Scientific discipline may be acceptable with proven software education and/or training and demonstrated software experience.) o Requires 3
years overall of related software engineering experience in development and/or verification Preferred Experience o Certification or training in software security is highly desirable o Significant course work or at least 1 year of direct experience in the cybersecurity field desirable o 3
years experience of software development in C, C++, or C# highly desirable o 2
years experience in network communication interfaces desirable o Experience performing risk assessments desirable
Salary Range:
$80K -- $100K
Minimum Qualification
Software DevelopmentEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
