Engineer II, Cybersecurity and S/W Quality

Responsible for identifying, investigating, and mitigating advanced cyber threats, including insider risks and data loss incidents. Cyber Investigations: Focus on conducting full-spectrum threat analysis resulting from CND Intelligence Operations information, threat reporting, and ongoing incidents affecting the enterprise from advanced cyber threats. Encourages investigations and research initiatives to move toward a more proactive state, resulting in advanced warning of cyberattacks, enhanced understanding of adversary collection requirements, and new threat indicators that facilitate proactive threat discovery and mitigation. Incident Management: Malware analysis using a defined set of analytical tools. User behavior analysis for insider threats and policy violations. Review of data transmission and storage to determine loss and/or theft of company data. Serve on call when assigned. Communicate effectively with peers and other key stakeholders Increase organizational threat awareness by providing briefings as required. Report findings and provide countermeasure recommendations and business cases based on standard security principles, policies, standards, and industry best practices. Promote a proactive approach to the changing threat landscape. Evaluate and recommend new security technologies, processes, and methodologies. Maintain and continually evaluate cyber threat intelligence sources for changes that increase effectiveness and timeliness Coordinate and run vulnerability scans against the environment. Review and analyze vulnerability assessment data to identify technical risks to the organization. Perform identification and impact classification for new vulnerabilities identified in the environment. Verify vulnerabilities through penetration testing and social engineering activities. Interpret vulnerabilities and communicate business impact and remediation actions to management. Prepare vulnerability and risk management reports. Manage and assist in coordination of the remediation of vulnerabilities by IS. Experienced in network monitoring, incident response, cyber investigations, malware analysis, vulnerability assessment, and penetration testing. Graduation in Computer Science & Engineering with Cybersecurity Skill and Experience in Medical Devices. 5-7 Years of Experience. 5% travel 5+ years in product or application security, including embedded systems or connected devices; proven delivery of security in regulated environments. Threat modeling, vulnerability assessment, postmarket surveillance Strong skills producing secure software development lifecycle, architecture/data-flow diagrams, SBOMs, and risk files aligned with FDA pre and post market needs. Hands-on with SBOM (SPDX/CycloneDX), secure coding standards, and security testing tools across embedded and application stacks.