Senior Software Product Security Engineer • Product Security Engineering

Work Flexibility: Hybrid

This role will establish technical expertise for the Product security QMS in collaboration with Design Quality Digital group for Stryker T&E digital product 

portfolios (Trauma, Foot & Ankle, Upper Extremities). The position requires a strong partnership with product 

Development teams to ensure time-to-market, customer requirements, and technology objectives are met while ensuring compliance with global quality and regulatory requirements related to Product security. Will support the process owner – Product Security in establishing, implementing, and maintaining Global Regulatory and Quality processes and documents supporting our Global QMS and the divisional QMS. 

What will you do:

Primary Responsibilities 

• Assist in the facilitation of internal and third-party audits as needed. 

• Should be capable of interpreting industry standards and government regulations to drive the implementation of world-class processes that may provide resources and/or help to remove obstacles to team accomplishments. 

• Should have Design Controls expertise for product development projects from inception through successful Design 

• Should have a basic understanding of product security & Risk Management strategies. 

• Recommend efficiency and process improvements to product security capabilities and functions. 

• Collaborate with product teams to assess security risks. Able to clearly convey design control and Product Security-related issues to stakeholders. 

• Creating Gap assessment between different processes and fulfilling the Gaps 

• Communicate the security gaps to leadership and propose mitigation solutions.  

What You Need:

Knowledge/competence 

• 5-8 years. Basic level Expertise in applying security control frameworks, security risk assessments, and scoring the severity of security threats and vulnerabilities. 

• Effective verbal and written communicator and consensus-builder 

• Demonstrated technical problem-solving skills.Strong QMS and SDLC (software development life cycle) understanding.  

• Basic Understanding of the vulnerability management life cycle. Experience of working in a regulated medical organization. 

Good to have 

• ISO 13485 standard .Experience in New Product Development for Software and/or Systems preferred 

• FDA Cybersecurity guidance (including FD&C 524B and eSTAR updates) 

• Hands on experience in using Agile methodology. 

• Understands security risk management processes preferably in the healthcare or medical device industry 

Travel Percentage: None