Staff Product Manager, Pentest as a Service
HackerOne$190,000 - $265,000/year
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
Product Security Expert (f/m/d) at Fresenius Medical Care
Bad Homburg vor der Höhe, Hesse, Germany
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Healthcare, Medical DevicesIndustries
Requirements
- Successfully completed bachelor’s or master’s degree in computer science, information technology or similar field
- At least 5 years of professional experience in IT Security, cybersecurity (e.g. embedded systems, risk management, regulatory requirements) with in-depth knowledge of enabling technologies and technical solutions in the field of cybersecurity
- Experience in R&D in medical devices or other industries with international exposure
- Solid knowledge of the whole development cycle for products from regulated industries
- Knowledge of relevant cybersecurity regulations and guidelines such as (FDA pre-market and post-market guidance, Section 2.4b CFR, IEC 81001-5-1, IEC 62443-4-1, JSP 2.0)
- Relevant cybersecurity certifications are an advantage
- Knowledge of cybersecurity relevant tools (e.g. Microsoft Threat Modelling Tool, BlackDuck Binary Analysis Tool, Kali Linux)
- High engagement on achieving the targets and on the objectives of the position, proactive and solution-oriented approach towards problems, ability to work cross functional with all levels of employees
- Good and professional relationship to and communication with international colleagues and superiors
- Fluent English, in written and spoken, German language is a plus
Responsibilities
- Maintain and continuously update the Cybersecurity Risk Register for all products in the portfolio
- Execute the Post-Market Surveillance process for cybersecurity, including analysis of security-related complaints, incidents, and vulnerabilities
- Operate the Coordinated Vulnerability Disclosure and Incident Response process, including triage, coordination, tracking, and documentation
- Act as the primary coordinator for product-related cybersecurity activities, working closely with R&D and system engineering teams to ensure secure product development
- Contribute to the development and rollout of cybersecurity-related policies, SOPs, and guidelines, ensuring alignment with the overall QMS and evolving regulatory requirements
- Define and maintain Cybersecurity Management Plans and Security Verification Plans for CE products throughout the development lifecycle
- Support Security Risk Management activities, including threat and risk analysis, countermeasure definition, and evaluation of residual cybersecurity risks
- Support the preparation of risk/benefit assessments for cybersecurity risks to enable informed decision-making and documentation
- Collaborate in product roadmap planning, contributing cybersecurity input and supporting alignment with the state of the art in security technologies and practices
Skills
Cybersecurity
Product Security
Risk Management
Threat Analysis
Vulnerability Management
Incident Response
Post-Market Surveillance
Security by Design
Regulatory Compliance
QMS
SOP Development
Cybersecurity Risk Register
Coordinated Vulnerability Disclosure
Fresenius Medical Care
Provides dialysis and renal healthcare services
About Fresenius Medical Care
Fresenius Medical Care North America focuses on delivering high-quality healthcare services to individuals with kidney and other chronic conditions. The company operates a vast network of dialysis centers and outpatient labs for cardiac and vascular care, ensuring coordinated treatment for many patients across the continent. It stands out as the largest fully integrated renal company, providing not only dialysis services but also specialty pharmacy and laboratory services. Additionally, Fresenius manufactures and distributes a wide range of dialysis equipment, disposable products, and renal pharmaceuticals. The goal of Fresenius Medical Care is to enhance the quality of life for patients with chronic illnesses by providing comprehensive and accessible healthcare solutions.
Waltham, MassachusettsHeadquarters
1996Year Founded
$39.1MTotal Funding
LATE_VCCompany Stage
Biotechnology, HealthcareIndustries
11-50Employees
Benefits
Professional Development Budget
Conference Attendance Budget
Flexible Work Hours
Risks
Increased competition from telehealth solutions like Philips' eCareManager 4.1.
Rising mental health challenges may impact FMCNA's employee productivity.
Virtual reality education may face adoption and accessibility challenges in rural areas.
Differentiation
FMCNA is the world's largest fully integrated renal company.
FMCNA offers a comprehensive line of dialysis equipment and renal pharmaceuticals.
FMCNA provides coordinated healthcare services at pivotal care points for chronic conditions.
Upsides
Telehealth market growth supports FMCNA's remote patient monitoring services.
Home dialysis market expansion aligns with FMCNA's patient-centric care approach.
AI integration enhances FMCNA's predictive analytics and personalized medicine capabilities.
Related Jobs
RemoteRemoteThird-Party Cyber Risk Manager
HumanaSalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteSecurity Engineer, Product Security
Chainlink LabsSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSecurity Analyst
Qualified.com$130,000 - $145,000/year
- Full Time
- Junior (1 to 2 years)
RemoteDeputy Compliance Officer
Bitcoin DepotSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSecurity Architect
EarnestSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Security Analyst, Vulnerability Management
Vanta$139,000 - $164,000/year
- Full Time
- Senior (5 to 8 years)