Engineer Sr 1 - Embedded Product Security

Embedded Software Engineer

Arthrex, Inc. is a global medical device company and a leader in new product development and medical education. We are a privately held company that strives to accomplish our corporate mission of helping surgeons treat their patients better. We are committed to delivering uncompromising quality to the health care professionals who use our products, and ultimately, the millions of patients whose lives we impact.

Job Description

• Assist product design and development teams in securing connected and IoT medical devices.
• Participate in architecture reviews, grooming product security requirements, testing for vulnerabilities, and documenting the steps of our Secure Product Development Framework for regulatory submissions.
• Design security architecture of components or functional systems and modify existing designs to improve products.
• Recommend alterations to development and design to enhance product security.
• Develop threat scenarios and design responses for associated vulnerabilities to mitigate risk.
• Maintain design history file for assigned projects, adhering to Arthrex design control procedures.
• Determine the necessity of security testing and initiate testing of assigned products.
• Provide technical support for assigned projects to the Regulatory department as needed.
• Support Marketing and Product Management with technical information for training and marketing of assigned products.
• Collaborate with Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
• Educate and demonstrate security-focused aspects of assigned products to surgeon and distributor customers as needed.
• Partner with Legal, Compliance, Privacy, and Information Security departments to ensure compliance with required laws, regulations, and policies.
• Report progress and status of assigned projects on a timely basis.
• May be required to travel; international travel may be required.

Requirements

• 5 years of related experience.
• Bachelor's degree required, preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity.
• Complete understanding and application of principles, concepts, practices, and standards.
• Knowledgeable of system and software development processes and lifecycles.
• Knowledgeable of application security best practices.
• Knowledgeable of FDA and ISO guidelines for the development of medical devices preferred.
• Proficiency in the use of threat scenarios and risk mitigation techniques preferred.
• Experience in web application security and controls concepts preferred.
• Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred.

Benefits

• Medical, dental, and vision insurance.
• Company-provided life insurance.
• Voluntary life insurance.
• Flexible spending account (FSA).
• Supplemental insurance plans (accident, cancer, hospital, critical illness).
• Matching 401(k) retirement plan.
• Annual bonus.
• Wellness incentive program.
• Gym reimbursement program.
• Tuition reimbursement program.
• Trip of a lifetime.
• Paid parental leave.
• Paid time off.
• Volunteer PTO.
• Employee Assistance Provider (EAP).

All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.