Product CyberSecurity Engineer - Robotics

Work Flexibility: Hybrid or Onsite

If you are looking for a role where you can help provide a unified ecosystem of tools and shared security services during the product life cycle to proactively manage security and data risks related to Stryker's products services and customers then

It's Time to join Stryker!

Who We Want

Collaborative partners. People who build and leverage cross-functional relationships to bring together ideas, information, use cases, and industry analyses to develop best practices.

Goal-oriented developers. Keeping the customer and system requirements squarely in focus, people who deliver safe and robust solutions.

Dedicated achievers. Relentless about quality, people who thrive in a fast-paced environment and will stop at nothing to ensure a project is complete and meets regulations and expectations.

What You Will Do

As a Product Cybersecurity Engineer, you will participate in project planning, product cybersecurity risk analysis, and risk mitigation strategies. You will lead various product cybersecurity tasks and activities established by product design controls and SDLC procedures. You will be involved in all facets of the robotics and enabling technology product development life cycle.

• You will perform cybersecurity risk analysis and threat modeling and develop mitigation strategies.
• You will work closely with cross-functional teams, including Quality, Regulatory, and Marketing, in driving alignment around product Cybersecurity and HIPAA compliance
• You will provide input to project management on scheduling, milestone achievement, and project challenges.
• You will manage all facets of product hardware, and software security, including systems hardening, automated and manual penetration testing, automated vulnerability scanning for compliance and issue remediation.
• You will perform manual and automated code reviews for complex embedded and clinical application software to identify security flaws.
• You will integrate automated security testing into all phases of SDLC.
• You will automate routine tasks and extract valuable data using various scripting languages such as PowerShell, Ruby, or Python.
• You will support device HIPAA features and design considerations.
• You will implement best practices in the product cybersecurity architecture around security systems, including improper access control, code injection, information exposure, firewalls, and multi-factor authentication.
• You will support cybersecurity documentation requests from legal and sales teams on an as-needed basis.

What You Need

• 2+ years of experience in embedded or application software or equivalent required
• Bachelor's in Computer Science, Electrical Engineering or related discipline required. Advanced degree preferred.

What We Would Love That You Have (Preferred)

• Experience with security architecture & design, data security, malware analysis, vulnerability assessment, and penetration testing using off-the-shelf tools and techniques highly preferred.
• Understanding one or more security standards/frameworks like NIST 800-53, IEC80001-2-8, IEC 27002, ISO 27799, IEC 15408-2, and IEC 62443-3-3.
• Solid understanding of Windows and Linux operating systems.
• Solid understanding of OS and Software Patch Management.
• Solid understanding of software configuration management tools and one or more programming/scripting languages.
• Experience in securing medical devices or embedded devices.
• Understanding of cloud based environments like Azure and AWS (Amazon Web Services).
• Understanding of IPv4, IPv6, LDAP, and Active Directory Services hosted on Windows/Linux Server.
• Understanding authentication and authorization strategies, firewalls.
• Understanding network infrastructure, including switches, routers, firewalls, and TLS or SSL
• Experience in quality standards like IEC 62304, IEC 60601, and 21CRF 820

Travel Percentage: 10%

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer - M/F/Veteran/Disability.

Stryker Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.