Staff Engineer- Product Security SME

Gurugram, 122001, IN
Job details
Work flexibility: Hybrid
Req ID: R533018
Employee type: Full Time
Job category: Engineering
Travel: 50%
Relocation: No

Why join Stryker?

Looking for a place that values your unique talents? Discover Stryker's award-winning culture.

We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific.

Job description

What you will do

  • Act as subject matter expert on the secure lifecycle for a digital product ecosystem.
  • Understand the overall technical capabilities of a product and its typical deployment scenarios.
  • Partner with product teams to perform threat modeling and drive the associated security requirements.
  • Help product teams to prioritize roadmap items to balance security and business risks.
  • Work closely with product teams in assessing the risks, mitigations and preparing responses to external organizations.
  • Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws.
  • Leverage DevSecOps to embed security testing into all phases of SDLC to eliminate the repeated steps and drive efficiency (SAST, DAST and IAST)
  • Formulate security testing needs.
  • Support R&D in implementing security risk controls and addressing findings from internal/external audits.
  • Define the post market monitoring plan, including pen tests.
  • Support post market vulnerability assessments.

This role is part of the product security team under Digital Technologies for Trauma and Extremities, which is responsible for the overall security posture of a product line.

What you need

Must Have skills:

  • Bachelor’s in Software/Electronics Engineering or equivalent degree.
  • Overall 7-10 years of hands-on experience involving software and hardware platforms.
    •   7+ years of experience in the field of security involving Thick Client, Web and Mobile applications.
    •   Experience in testing interfaces like USB, WiFi, Ethernet, Bluetooth, etc. is a plus
    •   Experience working with software development teams
    •   Experience with NIST frameworks, such as using NIST SP 800-53 controls
  • Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python.
  • Experience in web application security testing tools like Nessus, Metasploit, Burp Suite, sqlmap, OWASP ZAP Proxy, HP Fortify.

Good to Have skills:

  • Knowledge of CWE, OWASP Top 10 and WASC Threat Classification 2.0 methodologies
  • Integrating tools like Synopsys Black Duck, Sonatype Nexus-IQ, etc. for Software Composition Analysis
  • Professional certifications like CEH, SSCP, CompTIA CySA+/Security+, OSCP
  • Excellent communication and interpersonal skills.
  • Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls

Stryker is a global leader in medical technologies and, together with its customers, is driven to make healthcare better. The company offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.