Product Security Engineer

We are looking for an experienced Product Security Engineer to join a global leader in medical equipment manufacturing on a freelance basis.

Key Responsibilities

• Collaborate with software, hardware, and firmware development teams to integrate security requirements and best practices into design, development, and testing phases.
• Conduct security threat modeling, risk assessments, and vulnerability analysis for new and existing products.
• Perform security code reviews, penetration testing, and fuzzing to identify and remediate vulnerabilities.
• Develop and implement secure coding guidelines, security testing methodologies, and documentation for development teams.
• Stay current with emerging security trends, threats, and technologies relevant to medical devices and healthcare IT.
• Execute product security risk assessments and provide remediation guidance to engineering teams.
• Assist with compliance activities, including creating Incident & Vulnerability Management Plans and Product Security White Papers.
• Ensure compliance with standards such as IEC 62443, HIPAA, GDPR, and FDA guidance.
• Participate in incident response activities, including investigation and remediation of security incidents.
• Mentor development teams on secure design principles and coding practices.
• Evaluate third-party components and libraries for security vulnerabilities.
• Contribute to continuous improvement of the product security program and processes.

Preferred Requirements

• Bachelor's degree in Computer Science, Electrical Engineering, Cybersecurity, or related field.
• 3+ years of experience in product security engineering, ideally with embedded systems, IoT, or industrial control systems.
• Strong understanding of common security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
• Experience with security testing tools and methodologies (SAST, DAST, penetration testing).
• Proficiency in at least one programming language (C++, C#, Python, Java).
• Familiarity with Secure Development Lifecycle (SDL) processes and frameworks.
• Knowledge of cryptography principles and secure communication protocols.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work effectively in a cross-functional team environment.

Why Join?

• Work with a leading medical equipment manufacturer on innovative solutions.
• Freelance flexibility with a 6-month contract in Vienna.
• Opportunity to make a global impact on product security in healthcare.