This role is embedded in the product development life cycle and ensures that Secure by Design, Privacy by Design, and threat modeling activities are carried out as part of the Secure Software Development Life Cycle (SSDLC).
Individuals in this role engage with architects, technical leads, and R&D engineering and development teams to ensure security and privacy considerations are addressed early in the product development cycle.
They collaborate with architects to identify appropriate security solutions, balancing security risk and business impact.
The position emphasizes application security and product security risk management, with basic exposure to AI security considerations where AI/ML components are used.
1.1 Key Responsibilities
Embed product security and privacy requirements into the design and development of medical devices and healthcare applications.
Perform threat modeling (e.g., STRIDE, OWASP, MAESTRO) and product security risk assessments across all development phases.
Assist business units in defining and implementing product security and privacy practices, including policies, standards, guidelines, and procedures.
Verify that defined security and privacy requirements are implemented correctly and that controls operate as intended.
Conduct security design reviews, code/security assessments, and compliance reviews for applications and product software.
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.