Product Security Architect

RESPONSIBILITIES

This position is responsible for designing and implementing software security controls in an implantable neuromodulation system, including:
* mobile applications used by physicians and patients,
* firmware for implantable pulse generators and communication wands,
* supplemental services, such as cloud-based keystores, continuous deployment pipelines, and mobile device management tools.

PRIMARY ACTIVITIES

* Lead the product security team for Neuromodulation R&D
* Conduct application security assessments, threat modeling, quantitative vulnerability analysis and architecture reviews.
* Work with software development, product management, quality, and regulatory personnel to ensure that LivaNova's product security policies and procedures are fully integrated within our products and services.
* Assist with security testing of products, including internal penetration testing and working with third-party security assessment and pen testing vendors.
* Analyze software, firmware, and hardware for security vulnerabilities and collaborate with developers and infrastructure teams to plan/implement security controls.
* Document compliance of security controls to regulatory guidelines and standards.
* Author externally facing security communications, such as design documents for regulatory bodies, cybersecurity bill of materials, manufacturer disclosure statements.

REQUIREMENTS AND QUALIFICATIONS

* 6+ years of experience in product security in a large organization
* Excellent knowledge of Information Security standards, frameworks, and standard methodologies for product security
* Solid understanding of Cybersecurity with software/application or product development
* Prior experience with threat modeling and hazard-analysis frameworks such as STAMP, STRIDE, etc.
* Knowledge of software development lifecycle
* DevSecOps mindset and experience integrating security tools into CI/CD pipelines.
* Experience in making security design trade-offs (e.g., complexity vs. speed vs. vulnerability).
* Proficiency in writing protocols, reports, and engineering documentation
* Experience working in a regulatory environment

NICE TO HAVE

* Experience in Medical device industry and HIPAA regulations
* BS or MS in Electrical Engineering, Computer Engineering, Computer Science, Biomedical Engineering, or a related field.

Position type: contract to hire
Duration: 6 Months CTH
Rate/Salary: DOE
Location: Anywhere in USA, remote is ok
No Sponsorship

Employee benefits once full-time:
* Health benefits: Medical, Dental, Vision
* Personal and Vacation Time
* Retirement & Savings Plan (401K)
* Employee Stock Purchase Plan
* Training & Education Assistance
* Bonus Referral Program
* Service Awards
* Employee Recognition Program
* Flexible Work Schedules