Integrated Resources
Title - Cyber Security Engineer
Duration: 6+ months Contract (Possibility for Extension)
Location - Wauwatosa, WI 53226 ( 80% onsite, 20% Remote)
Work shift
- 1st Shift
Note- This person will be onsite in Wauwatosa for 80% of the time so local candidates only should be submitted.
Overview: We are seeking a skilled Cyber Security Engineer (contract) to fill a key role within General Imaging (GI) Ultrasound, with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities.
Key Responsibilities: Installed Base and Commercial Support • Cyber Support activities: o Complete DoD monthly security scans Complete remediation actions and prepare quarterly POAM review Ready solutions for open issue closure per schedule o Support commercial and installed base inquiries Vulnerability Management • Vulnerability analysis and issue mitigation o Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components o Product and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment o Engage in incident response methods, lead incident response processes related to product cyber o Create and track meaningful metrics around product cyber risk and compensating controls o Client and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR) o Develop and design innovative cyber security solutions for unique and complex technologies o Assess and investigate specific threats in terms of severity and impact o Create detailed reports on vulnerabilities, bugs, and design flaws o Create vulnerability and incident trend analysis to improve product design o Automate cyber trending and change detection Design an early detector, of changes in security status with the ability to compare SBOM, SCAP and NESSUS results aProductst a baseline
Product security: o Engage and administer End of Life processes for digital products o Consult architects on security requirements and utilize best practices to meet requirements. o Engage in application and domain-specific threat modeling and attack surface analysis/reduction o Prepare reports at appropriate levels of confidentiality for stakeholders to view
Qualifications: • Bachelor's degree in computer science or "STEM" Majors (Science, Technology, Engineering and Math) with minimum of 6 years of professional experience including Cyber Security • Certification in the Privacy, Security & Regulatory domain or related certification • Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code • Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic • Hands-on experience working with Windows and Linux based systems • Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others) • Business Acumen: Able to translate vulnerability information into business risks relevant to our customers • Good understanding of workflow in the healthcare industry • Knowledge of ultrasound or demonstrated experience with development of medical device software • Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance • Experience with secure coding principles; code signing and secure boot • Experience with penetration testing and ethical hacking • Demonstrated ability to work with blended Agile teams, including global teams • Excellent communication, facilitation, and documentation skills
Contract Product • Estimated 40 hours/week • Participation in global team meetings - willing to adjust work times to accommodate Europe (early start) • Deliverables aligned with product development and launch milestones
Work shift
- 1st Shift
Note- This person will be onsite in Wauwatosa for 80% of the time so local candidates only should be submitted.
Overview: We are seeking a skilled Cyber Security Engineer (contract) to fill a key role within General Imaging (GI) Ultrasound, with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities.
Key Responsibilities: Installed Base and Commercial Support • Cyber Support activities: o Complete DoD monthly security scans Complete remediation actions and prepare quarterly POAM review Ready solutions for open issue closure per schedule o Support commercial and installed base inquiries Vulnerability Management • Vulnerability analysis and issue mitigation o Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components o Product and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment o Engage in incident response methods, lead incident response processes related to product cyber o Create and track meaningful metrics around product cyber risk and compensating controls o Client and mitigate vulnerabilities in sensitive Critical Infrastructure/ Key Resource Domains (CI/KR) o Develop and design innovative cyber security solutions for unique and complex technologies o Assess and investigate specific threats in terms of severity and impact o Create detailed reports on vulnerabilities, bugs, and design flaws o Create vulnerability and incident trend analysis to improve product design o Automate cyber trending and change detection Design an early detector, of changes in security status with the ability to compare SBOM, SCAP and NESSUS results aProductst a baseline
Product security: o Engage and administer End of Life processes for digital products o Consult architects on security requirements and utilize best practices to meet requirements. o Engage in application and domain-specific threat modeling and attack surface analysis/reduction o Prepare reports at appropriate levels of confidentiality for stakeholders to view
Qualifications: • Bachelor's degree in computer science or "STEM" Majors (Science, Technology, Engineering and Math) with minimum of 6 years of professional experience including Cyber Security • Certification in the Privacy, Security & Regulatory domain or related certification • Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code • Strong knowledge of TCP/IP networking. Ability to use Wireshark to capture and analyze network traffic • Hands-on experience working with Windows and Linux based systems • Programming skills in one or more languages (we develop using Python, C, C++, CUDA, and others) • Business Acumen: Able to translate vulnerability information into business risks relevant to our customers • Good understanding of workflow in the healthcare industry • Knowledge of ultrasound or demonstrated experience with development of medical device software • Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance • Experience with secure coding principles; code signing and secure boot • Experience with penetration testing and ethical hacking • Demonstrated ability to work with blended Agile teams, including global teams • Excellent communication, facilitation, and documentation skills
Contract Product • Estimated 40 hours/week • Participation in global team meetings - willing to adjust work times to accommodate Europe (early start) • Deliverables aligned with product development and launch milestones