Cybersecurity Engineer

Together, we can beat cancer.

At Varian, a Siemens Healthineers Company, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we work passionately to develop and deliver easy-to-use, efficient oncology solutions.

We are part of an incredible community of scientists, clinicians, developers, researchers, professionals, and skilled specialists pushing the boundaries of what’s possible, to improve people’s lives around the world. We embrace a culture of inclusivity in which the power and potential of every individual can be unleashed. We spark ideas that lead to positive impact and continued success.

If you want to be part of this important mission, we want to hear from you. 

As a Cybersecurity Engineer, you will be a member of the Cybersecurity Security team with the objective to ensure that Varian products, services, solutions and associated data are protected from cybersecurity threats throughout the entire life-cycle.

You deliver expert architecture design and tactical technical support across Varian portfolio. Your focus will be first and foremost on medical devices, with extended support software and service solutions.

Your day-to-day work will be to help establish and improve the security inspection capabilities within the product development pipelines and monitor the security of Varian’s products in the market. You will utilize existing tools, methodologies and strategies as well as devise any custom integrations and techniques to meet the demands of the Varian engineering systems.

Responsibilities:

• Help identify and implement solutions to effectively address security & privacy challenges.
• Perform threat, vulnerability, and risk assessments for Varian product, work with engineering teams to design and prioritize mitigating solutions.
• Create, maintain, and document security baselines with help of relevant tools/guidelines.
• Support comprehensive security assessments (e.g. Product Penetration Testing), analyze and capture results.
• Defines cybersecurity requirements to integrate cybersecurity standards into the design input
• Organizing the cybersecurity community and help with onboarding and training new cybersecurity colleagues into the product teams 
• Independent reviewer of Product cybersecurity deliverables
• Improve the cybersecurity process and embed it into the product lifecycle process including updating the process with latest regulatory and compliance rules.
• Monitor product cyber-security threats and vulnerabilities, perform planned and on-demand Cybersecurity Risk Assessment for all customer products

Requirements:

• Deep knowledge of cyber security and hands-on experience with relevant tools/methodologies.
• Experience with: Threat Modeling, Vulnerability management, Cybersecurity Risk Management, Penetration Testing
• Bachelor’s degree in Cybersecurity, software engineering, computer science, related discipline, or equivalent experience.
• Excellent communication and teamwork skills, with fluent written and spoken English.
• Certifications in network and security administration such as CISSP, CISA or TOGAF certification are a plus.
• Java, C#, C++, Python programming - programming or scripting capabilities/experience

#LI-OS1

#LI-Hybrid

Varian is required to comply with all local and applicable regulations that may be associated with vaccine requirements for certain roles.