Product Software Security Architect / Medical Devices C#, .NET, PowerShell, Bash

Our client in South Orange County is looking for a Product Software Security Architect with strong experience with C#, PowerShell and Security Protocols for designing and architecting.

They develop DoD medical devices for vision. They are a world wide company with offices in several countries and have some huge new product initiatives within their R&D teams here in Orange County.

They are seeking long-term CTH candidates.

This is an Onsite position at least 4 days in the office in Irvine, CA

Job Purpose

• Plan, implement, upgrade, or monitor security measures for the protection of their SaMD networks and sensitive patient health information / personal information that is residing in those networks.
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
• Build strong collaboration with cross-functional stakeholders and teams across the product development lifecycle.
• Build, deploy, and manage security tools and services in SaMD
• Design and implement scalable processes to provision cloud access for Their SaMD
• Evaluate and respond to alerts and events from security tools
• Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools
• Collaborate with security leadership, engineering, and compliance to execute security strategies
• Assist other teams in solving security issues in a manner that complies with business requirements and best practices

Job Functions

• Perform Atheir Product Security Process (APSP) for all the their Software as a Medical Device (SaMD) products.
• Perform risk analysis of in development products; document and score findings, work with development teams to prioritize and reduce overall risks.
• Create SBOM's from tools and scripts and communicate results and remediation to development teams.
• Implement security improvements by assessing current architecture design, evaluating design trade off and proposing security solutions and requirements.
• Prepare software for SAST, DAST, and fuzzing scans; review, document results, provide security fixes for software considerations.
• Safeguard information system assets by identifying and solving potential and actual security problems.
• Perform or support penetration tests which includes creating or reviewing security pretesting reports.
• Perform web application testing and is capable of architecting security solution to enhance web application security.
• Review security updates for possible negative affects against Their SaMD products and monitor for new vulnerabilities.

Required Skills and Qualifications

• BS of Computer Science or other related discipline with 7 years of relevant experience.
• NET development, C#, Scripting for Microsoft development environment, such as PowerShell, (C++ is a plus)
• Solid understanding of Window OS services, processes, driver and registry configurations and analysis techniques
• Experience with Windows and Linux cybersecurity configurations.
• Experience with the following types of tools : SAST, DAST, SBOM, network forensics tools, fuzzing, standard penetration test tools.
• Knowledge of networking and cybersecurity concepts.
• Experience with Microsoft Visual Studios, ADO, or other integrated development environment (IDE) tool is a plus.
• Ability to work independently, proactively identify issues, recommend and implement solutions and deliver quality results on schedule while managing multiple tasks and internal customers.
• Understanding of Software Development Lifecycle Management (SDLC) (Agile / Scrum, iterative)
• Good interpersonal & Communication skills to build positive departmental and inter-departmental relationships in a virtual, remote, and asynchronous environment.

The Offer

• 75-90 / hr rate
• W2 Employee benefits
• Possibility of FT hire after duration of contract
• Overtime pay is optional

LI-SV1