Posted in

Senior Embedded Product Security Engineer

Senior Embedded Product Security Engineer

CompanyIntuitive Surgical
LocationSunnyvale, CA, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
DegreesBachelor’s, Master’s, PhD
Experience LevelSenior

Description

Job Description

Primary Function of Position

The Sr Product Security Engineer will contribute broadly to the Product Security Team and product development groups by conducting security testing and review of Intuitive Surgical products. The primary functions of the position include validation and verification of the security solutions and features in our current and next generation surgical robotic systems. The successful candidate must excel in a high-energy team environment and have a commitment to high product quality throughout the product lifecycle.

Responsibilities

  • Development of product security design validation and verification methodologies.
  • Develop and execute product security test strategies and test plans.
  • Contribute to security evaluation and threat assessments of a wide range of Intuitive Surgical products.
  • Document and verify the existing security mitigations and identify if additional mitigations are required for Intuitive Surgical products.

Qualifications

Required Skills and Experience

  • Minimum of 8 years of related experience and a Bachelor’s degree; or 6 years of experience and a Master’s degree; or a PhD with 3 years of experience; or equivalent experience
  • In-depth knowledge of security concepts regarding device, operating systems, firmware and software security
  • Minimum of 3 years of experience with C/C++ development and scripting with Python and Bash
  • Experience on security verification and testing associated with device interfaces including USB, JTAG, serial ports, UART, SPI, CANBUS, Ethernet and Wi-Fi
  • Knowledge of TCP/IP, Networking and Public key cryptography
  • Experience on security validation and verification practices, techniques, and tools such as Kali Linux, Wireshark, nmap, and Metasploit
  • Experience with secure coding practices, code reviews and vulnerability triage
  • Familiarity with product security assessments, threat modeling, and risk analysis
  • Security Certifications such as OSCP or CEH is a plus
  • Excellent documentation and communication skills

Preferred Skills and Experience

  • Experience with Medical Device Industry regulations pertaining to Cybersecurity
  • Experience working with third-party penetration testing vendors

Benefits

Not Specified