Duration: 5 months to start

Job Description:
Tasks & Responsibilities

• Apply industry leading cyber security and privacy practices and standards to the digital product portfolio, including cloud, IoT, software, and mobile solutions.
• Perform cyber security risk management, including threat modeling, to ensure security and privacy by design and by default.
• Assist the project teams with technical security- and privacy-related guidance.
  Perform / organize security assurance activities, such as penetration testing, vulnerability assessment, static code analysis, fuzzing, and (code) reviews.
• Perform post-market vulnerability assessments and support incident response activities.
• Collaboration with cross-functional teams on project level
• Support and advice senior management regarding cyber security and privacy risks

• Academic degree in computer science, information technology, IT security, or a related technical field
• Several years of experience in secure software development lifecycle (SDLC) activities, preferrable within the healthcare industry
• Good knowledge in conducting security risk assessments, including threat modeling.
• Familiar with DevOps, IT security, cryptography, and Secure SDLC activities
• Hands-on experiences with SAST, DAST, (code) reviews, penetration testing, and cloud solutions
• Experience in complying with cyber security and data privacy regulations, frameworks, and guidelines such as GDPR, HIPAA, MDR, FDA, NIST CSF, ISO 27k, CIS Controls, NIST SP 800-series, OWASP ASVA/MASVS or similar is desirable.
• Professional certifications such as CSSLP, CISSP, or others would be a plus.
• Experience in working in international teams.
• Fluent in English written and in spoken.