Our client in South Orange County is looking for a Product Software Security Architect with strong experience with C#, PowerShell and Security Protocols for designing and architecting.
They develop DoD medical devices for vision. They are a world wide company with offices in several countries and have some huge new product initiatives within their R&D teams here in Orange County.
They are seeking long-term CTH candidates.
This is an Onsite position at least 4 days in the office in Irvine, CA
Job Purpose
- Plan, implement, upgrade, or monitor security measures for the protection of their SaMD networks and sensitive patient health information / personal information that is residing in those networks.
- Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
- Build strong collaboration with cross-functional stakeholders and teams across the product development lifecycle.
- Build, deploy, and manage security tools and services in SaMD
- Design and implement scalable processes to provision cloud access for Their SaMD
- Evaluate and respond to alerts and events from security tools
- Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools
- Collaborate with security leadership, engineering, and compliance to execute security strategies
- Assist other teams in solving security issues in a manner that complies with business requirements and best practices
Job Functions
- Perform Atheir Product Security Process (APSP) for all the their Software as a Medical Device (SaMD) products.
- Perform risk analysis of in development products; document and score findings, work with development teams to prioritize and reduce overall risks.
- Create SBOM's from tools and scripts and communicate results and remediation to development teams.
- Implement security improvements by assessing current architecture design, evaluating design trade off and proposing security solutions and requirements.
- Prepare software for SAST, DAST, and fuzzing scans; review, document results, provide security fixes for software considerations.
- Safeguard information system assets by identifying and solving potential and actual security problems.
- Perform or support penetration tests which includes creating or reviewing security pretesting reports.
- Perform web application testing and is capable of architecting security solution to enhance web application security.
- Review security updates for possible negative affects against Their SaMD products and monitor for new vulnerabilities.
Required Skills and Qualifications
- BS of Computer Science or other related discipline with 7 years of relevant experience.
- NET development, C#, Scripting for Microsoft development environment, such as PowerShell, (C++ is a plus)
- Solid understanding of Window OS services, processes, driver and registry configurations and analysis techniques
- Experience with Windows and Linux cybersecurity configurations.
- Experience with the following types of tools : SAST, DAST, SBOM, network forensics tools, fuzzing, standard penetration test tools.
- Knowledge of networking and cybersecurity concepts.
- Experience with Microsoft Visual Studios, ADO, or other integrated development environment (IDE) tool is a plus.
- Ability to work independently, proactively identify issues, recommend and implement solutions and deliver quality results on schedule while managing multiple tasks and internal customers.
- Understanding of Software Development Lifecycle Management (SDLC) (Agile / Scrum, iterative)
- Good interpersonal & Communication skills to build positive departmental and inter-departmental relationships in a virtual, remote, and asynchronous environment.
The Offer
- 75-90 / hr rate
- W2 Employee benefits
- Possibility of FT hire after duration of contract
- Overtime pay is optional
LI-SV1
26 days ago