Principal Cybersecurity Engineer in Redmond, WA at Stryker Corporation

Date Posted: 9/28/2020

Job Snapshot

Job Description

Stryker is one of the world’s leading medical technology companies and is dedicated to helping healthcare professionals perform their jobs more efficiently while enhancing patient care. The Company offers a diverse array of innovative medical technologies, including reconstructive, medical and surgical, and neurotechnology and spine products to help people lead more active and more satisfying lives. We are currently seeking a Principal Cybersecurity Engineer located in Redmond, Washington

Who we want:

Collaborative partners. People who build and leverage cross-functional relationships to bring together ideas, information, use cases, and industry analyses to develop best practices.

Strategic thinkers. People who enjoy analyzing data or trends for the purposes of planning, forecasting, advising, budgeting, reporting, or sales opportunities.

Analytical problem solvers. People who go beyond just fixing to identify root causes, evaluate optimal solutions, and recommend comprehensive upgrades to prevent future issues.

What you will do:

  • The candidate will work with stakeholders to identify, evaluate, and mitigate risks across products.
  • This position requires knowledge of secure development, risk management, security frameworks, and standards.
  • Develops use cases and security requirements to manage, administer, and deploy connected medical devices.
  • Identifies and assesses vulnerabilities, threats, and risk controls using established security frameworks.
  • Updates security risk control file and ensures traceability across various design control artifacts.
  • Develops, documents, and implements processes based on industry security standards.
  • Develops common security architecture/patterns for various product lines.
  • Collaborates with product teams to identify, develop, and implement security controls.
  • Assists product teams to respond to regulatory/customer queries around security.
  • Collaborates with third-party software vendors to develop vulnerability scanning and mitigation plans.
  • Supports product teams to investigate security breaches and respond to vulnerability reports.
  • Manages security BOM for products.
  • Trains engineers to adopt the best security development practices.
  • Engages with product teams to document and trace security protocols.
  • Introduces the latest security tools and techniques to verify security controls.
  • Keeps up to date with the latest security standards and frameworks.
  • Supports legacy product security strategy.
  • Provides technical leadership for projects of smaller scope and/or some aspects of larger projects
  • Complete and maintain all required quality system training and comply with all quality system procedures.
  • May recommend changes in procedures and processes to increase efficiency and effectiveness.

What you need:

  • Bachelor’s degree in electrical/software engineering or related discipline
  • 10 years directly related experience
  • Good understanding of embedded software/hardware security principles  

Preferred Qualifications:

  • Demonstrated expertise with secure product development (IoT devices)
  • Knowledge of state-of-the-art security methods and implementation.
  • Experience with secure software development and OS hardening
  • Understanding of networking, wireless, PKI, FIPS 140-2, cryptography
  • Knowledge of C/C++, Python/Bash, *nix OS
  • Familiarity with IEC 60601-x, NIST, IEC 800001, HIPAA, GDPR
  • Certifications: CEH, SANS, GPEN, or other security certifications
  • Knowledge of DoD security requirements

Work From Home: Not available

Travel Percentage: None

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer – M/F/Veteran/Disability.

Stryker Corporation will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.

Join our talent network

Joining our talent network will enhance your job search and application process. Whether you choose to apply or just leave your information, we look forward to staying connected to you.

Join Our Team