York Solutions, LLC is hiring: Cybersecurity Specialist in Lake Forest

Description: At this time, we are unable to consider candidates requiring visa sponsorship or third-party recruitment agencies for this role. We encourage all applicants to apply directly, and we thank you for your understanding.

Overview: We are seeking a skilled Cybersecurity Specialist.

Location: Hybrid Onsite 1-2 days a week - Lake Forest, IL.

Responsibilities:

1. Conduct product cybersecurity risk assessments in regulated industries such as healthcare (medical and diagnostic devices).
2. Collaborate with R&D teams to develop secure architectures and implement security requirements, aligning with standard security frameworks like NIST 800-53.
3. Evaluate the security of products, software, and systems for compliance with applicable standards (ISO 27001, NIST, EU Directives, FDA, etc.).
4. Assess and identify the impact of changes, updates, or new regulations on existing and new products, guiding teams on necessary implementations.
5. Monitor and understand global cybersecurity standards, periodically reviewing for gaps and implementing them in Abbott SOPs and WIs.
6. Utilize threat modeling practices and tools (e.g., STRIDE, OWASP) to identify and mitigate security threats.
7. Conduct CVE vulnerability assessments using appropriate tools and practices.
8. Monitor and understand security threats to develop effective mitigation solutions.
9. Perform or support security testing, including penetration tests, and internal/external audits, coordinating remediation as necessary.
10. Collaborate with Systems Engineering, Software Development, Regulatory, and other stakeholders to develop and document cybersecurity controls.
11. Execute tests to identify system and security vulnerabilities.

Required Technical Skills:

1. Experience with security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.
2. Experience with cybersecurity challenges and solutions specific to Software as a Medical Device (SxMD) products.
3. Knowledge of encryption technologies and secure coding practices.
4. Familiarity with network security protocols and technologies (e.g., SSL/TLS, VPNs, IPsec).
5. Experience with cloud security and securing cloud-based applications and infrastructure.
6. Understanding of secure software development lifecycle (SDLC) practices.
7. Experience with security information and event management (SIEM) systems.
8. Knowledge of regulatory requirements and standards specific to medical devices (e.g., HIPAA, GDPR).
9. Proven track record of securing medical device software and hardware against vulnerabilities and threats.
10. Experience in ensuring compliance with medical device cybersecurity regulations and standards (e.g., FDA premarket and postmarket cybersecurity guidance).

Required Qualifications:

1. 10+ years of industry experience in the design and development of application software, with at least 5+ years in cybersecurity for medical devices.
2. Bachelor's degree in engineering (Computer, Electrical, Computer Systems, Systems, or Software) or a related discipline.
3. Experience in product cybersecurity risk assessments in regulated industries like healthcare.
4. Proficiency in threat modeling practices and tools (e.g., STRIDE, OWASP).
5. Strong experience in vulnerability assessments, tools, and practices.
6. Proven ability to monitor and understand security threats and develop mitigation solutions.
7. Experience in performing or supporting security testing and coordinating remediation efforts.

Benefits:

York Solutions Offers a generous benefits package for eligible full-time employees:

• BCBS Medical with 3 Plans to choose from (PPO and High deductible PPO plans with Health Savings Program).
• Delta Dental plan with 2 free cleanings and insurance discounts.
• Eye Med Vision with annual check-ups and discounts on lens.
• Life and Accidental Death Insurance paid by company.
• John Hancock 401(k) Retirement Plan with discretionary company match up to 5%.
• Voluntary Insurance programs such as: Hospital Indemnity, Identity Protection, Legal Insurance, Long Term Care, and Pet Insurance.
• Flexible work environment with some remote working opportunities.
• Strong fun and teamwork environment.
• Learning, development, and career growth.