Product Security Expert (f/m/d) at Fresenius Medical Care

Bad Homburg vor der Höhe, Hesse, Germany

Apply Now
Fresenius Medical Care Logo
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Healthcare, Medical DevicesIndustries

Requirements

  • Successfully completed bachelor’s or master’s degree in computer science, information technology or similar field
  • At least 5 years of professional experience in IT Security, cybersecurity (e.g. embedded systems, risk management, regulatory requirements) with in-depth knowledge of enabling technologies and technical solutions in the field of cybersecurity
  • Experience in R&D in medical devices or other industries with international exposure
  • Solid knowledge of the whole development cycle for products from regulated industries
  • Knowledge of relevant cybersecurity regulations and guidelines such as (FDA pre-market and post-market guidance, Section 2.4b CFR, IEC 81001-5-1, IEC 62443-4-1, JSP 2.0)
  • Relevant cybersecurity certifications are an advantage
  • Knowledge of cybersecurity relevant tools (e.g. Microsoft Threat Modelling Tool, BlackDuck Binary Analysis Tool, Kali Linux)
  • High engagement on achieving the targets and on the objectives of the position, proactive and solution-oriented approach towards problems, ability to work cross functional with all levels of employees
  • Good and professional relationship to and communication with international colleagues and superiors
  • Fluent English, in written and spoken, German language is a plus

Responsibilities

  • Maintain and continuously update the Cybersecurity Risk Register for all products in the portfolio
  • Execute the Post-Market Surveillance process for cybersecurity, including analysis of security-related complaints, incidents, and vulnerabilities
  • Operate the Coordinated Vulnerability Disclosure and Incident Response process, including triage, coordination, tracking, and documentation
  • Act as the primary coordinator for product-related cybersecurity activities, working closely with R&D and system engineering teams to ensure secure product development
  • Contribute to the development and rollout of cybersecurity-related policies, SOPs, and guidelines, ensuring alignment with the overall QMS and evolving regulatory requirements
  • Define and maintain Cybersecurity Management Plans and Security Verification Plans for CE products throughout the development lifecycle
  • Support Security Risk Management activities, including threat and risk analysis, countermeasure definition, and evaluation of residual cybersecurity risks
  • Support the preparation of risk/benefit assessments for cybersecurity risks to enable informed decision-making and documentation
  • Collaborate in product roadmap planning, contributing cybersecurity input and supporting alignment with the state of the art in security technologies and practices

Skills

Key technologies and capabilities for this role

CybersecurityProduct SecurityRisk ManagementThreat AnalysisVulnerability ManagementIncident ResponsePost-Market SurveillanceSecurity by DesignRegulatory ComplianceQMSSOP DevelopmentCybersecurity Risk RegisterCoordinated Vulnerability Disclosure

Questions & Answers

Common questions about this position

What education and experience are required for the Product Security Expert role?

A successfully completed bachelor’s or master’s degree in computer science, information technology or similar field is required, along with at least 5 years of professional experience in IT Security or cybersecurity, particularly in embedded systems, risk management, and regulatory requirements.

What key skills and knowledge are needed for this position?

Candidates need solid knowledge of the product development cycle in regulated industries, relevant cybersecurity regulations like FDA guidance, IEC 81001-5-1, and IEC 62443-4-1, experience in R&D for medical devices, and familiarity with cybersecurity tools.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What makes a strong candidate for the Product Security Expert position?

Strong candidates have 5+ years in cybersecurity with medical device R&D experience, in-depth knowledge of regulations like IEC 81001-5-1 and FDA guidance, and relevant certifications, plus experience in risk management and regulated product development cycles.

Fresenius Medical Care

Provides dialysis and renal healthcare services

Website

About Fresenius Medical Care

Fresenius Medical Care North America focuses on delivering high-quality healthcare services to individuals with kidney and other chronic conditions. The company operates a vast network of dialysis centers and outpatient labs for cardiac and vascular care, ensuring coordinated treatment for many patients across the continent. It stands out as the largest fully integrated renal company, providing not only dialysis services but also specialty pharmacy and laboratory services. Additionally, Fresenius manufactures and distributes a wide range of dialysis equipment, disposable products, and renal pharmaceuticals. The goal of Fresenius Medical Care is to enhance the quality of life for patients with chronic illnesses by providing comprehensive and accessible healthcare solutions.

Waltham, MassachusettsHeadquarters
1996Year Founded
$39.1MTotal Funding
LATE_VCCompany Stage
Biotechnology, HealthcareIndustries
11-50Employees

Benefits

Professional Development Budget
Conference Attendance Budget
Flexible Work Hours

Risks

Increased competition from telehealth solutions like Philips' eCareManager 4.1.
Rising mental health challenges may impact FMCNA's employee productivity.
Virtual reality education may face adoption and accessibility challenges in rural areas.

Differentiation

FMCNA is the world's largest fully integrated renal company.
FMCNA offers a comprehensive line of dialysis equipment and renal pharmaceuticals.
FMCNA provides coordinated healthcare services at pivotal care points for chronic conditions.

Upsides

Telehealth market growth supports FMCNA's remote patient monitoring services.
Home dialysis market expansion aligns with FMCNA's patient-centric care approach.
AI integration enhances FMCNA's predictive analytics and personalized medicine capabilities.

Related Jobs

San Francisco +4 more
Remote iconRemote

Staff Product Manager, Pentest as a Service

HackerOne
$190,000 - $265,000/year
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
San Antonio
Remote iconRemote

Third-Party Cyber Risk Manager

Humana
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years)
United States +4 more
Remote iconRemote

Security Engineer, Product Security

Chainlink Labs
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
Canada
Remote iconRemote

Security Analyst

Qualified.com
$130,000 - $145,000/year
  • Employment type iconFull Time
  • Experience level iconJunior (1 to 2 years)
United States
Remote iconRemote

Deputy Compliance Officer

Bitcoin Depot
Salary not specified
  • Employment type iconFull Time
  • Experience level iconMid-level (3 to 4 years), Senior (5 to 8 years)
San Francisco
Remote iconRemote

Security Architect

Earnest
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Senior Security Analyst, Vulnerability Management

Vanta
$139,000 - $164,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)

Land your dream remote job 3x faster with AI

Try Jobo Free