Our Medical Device client located in South Orange County is activly seeking a Sr. Product Software Security Engineer with strong experieence with C#, PoqwerShell and Security Protocols They develop DoD medical devices for vision. They are a world wide company with offices in several countries and have some huge new product initiatives within their R&D teams here in Orange County. They are seeking longterm CTH candidates.

This is an Onsite position at least 3 days in the office

Job Purpose

• Plan, implement, upgrade, or monitor security measures for the protection of Alcon SaMD networks and sensitive patient health information/personal information that is residing in those networks.
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
• Build strong collaboration with cross-functional stakeholders and teams across the product development lifecycle.
• Build, deploy, and manage security tools and services in SaMD
• Design and implement scalable processes to provision cloud access for Alcon SaMD
• Evaluate and respond to alerts and events from security tools
• Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools
• Collaborate with security leadership, engineering, and compliance to execute security strategies
• Assist other teams in solving security issues in a manner that complies with business requirements and best practices

Job Functions

1. Perform Alcon Product Security Process (APSP) for all the Alcon Software as a Medical Device (SaMD) products.
2. Perform risk analysis of in development products; document and score findings, work with development teams to prioritize and reduce overall risks.
3. Create SBOM's from tools and scripts and communicate results and remediations to development teams.
4. Implement security improvements by assessing current architecture design, evaluating design trade off and proposing security solutions and requirements.
5. Prepare software for SAST, DAST, and fuzzing scans; review, document results, provide security fixes for software considerations.
6. Safeguard information system assets by identifying and solving potential and actual security problems.
7. Perform or support penetration tests which includes creating or reviewing security pentesting reports.
8. Perform web application testing and is capable of architecting security solution to enhance web application security.
9. Review security updates for possible negative affects against Alcon SaMD products and monitor for new vulnerabilities.

Requirted Skills and Qualifications

1. BS of Computer Science or other related discipline with 7 years of relevant experience.
2. .NET development, C#, Scripting for Microsoft development environment, such as PowerShell, (C is a plus)
3. Solid understanding of Window OS services, processes, driver and registry configurations and analysis techniques
4. Experience with Windows and Linux cybersecurity configurations.
5. Experience with the following types of tools: SAST, DAST, SBOM, network forensics tools, fuzzing, standard penetration test tools.
6. Knowledge of networking and cybersecurity concepts.
7. Experience with Microsoft Visual Studios, ADO, or other integrated development environment (IDE) tool is a plus.
8. Ability to work independently, proactively identify issues, recommend and implement solutions and deliver quality results on schedule while managing multiple tasks and internal customers.
9. Understanding of Software Development Lifecycle Management (SDLC) - (Agile/Scrum, iterative)
10. Good interpersonal & Communication skills to build positive departmental and inter-departmental relationships in a virtual, remote, and asynchronous environment.

The Offer

• 65-80/hr rate
• W2 Employee benefits
• Possibilitty of FT hire after duuration of contract
• Overtime pay is optional

Motion Recruitment Partners