Product Security Engineer
We are looking for an experienced Product Security Engineer to join a global leader in medical equipment manufacturing on a freelance basis.
Key Responsibilities
- Collaborate with software, hardware, and firmware development teams to integrate security requirements and best practices into design, development, and testing phases.
- Conduct security threat modeling, risk assessments, and vulnerability analysis for new and existing products.
- Perform security code reviews, penetration testing, and fuzzing to identify and remediate vulnerabilities.
- Develop and implement secure coding guidelines, security testing methodologies, and documentation for development teams.
- Stay current with emerging security trends, threats, and technologies relevant to medical devices and healthcare IT.
- Execute product security risk assessments and provide remediation guidance to engineering teams.
- Assist with compliance activities, including creating Incident & Vulnerability Management Plans and Product Security White Papers.
- Ensure compliance with standards such as IEC 62443, HIPAA, GDPR, and FDA guidance.
- Participate in incident response activities, including investigation and remediation of security incidents.
- Mentor development teams on secure design principles and coding practices.
- Evaluate third-party components and libraries for security vulnerabilities.
- Contribute to continuous improvement of the product security program and processes.
Preferred Requirements
- Bachelor's degree in Computer Science, Electrical Engineering, Cybersecurity, or related field.
- 3+ years of experience in product security engineering, ideally with embedded systems, IoT, or industrial control systems.
- Strong understanding of common security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
- Experience with security testing tools and methodologies (SAST, DAST, penetration testing).
- Proficiency in at least one programming language (C++, C#, Python, Java).
- Familiarity with Secure Development Lifecycle (SDL) processes and frameworks.
- Knowledge of cryptography principles and secure communication protocols.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work effectively in a cross-functional team environment.
Why Join?
- Work with a leading medical equipment manufacturer on innovative solutions.
- Freelance flexibility with a 6-month contract in Vienna.
- Opportunity to make a global impact on product security in healthcare.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.