Position Title: Product Security Architect - Contractor
Duration: 6mo contract-to-hire
Location: Houston, TX (or driving distance from Houston)
- will work remote most weeks, but need to be onsite for occasional meetings. MUST BE LOCATED IN TX
Stanton House is partnered with a medical device manufacturing firm looking to hire a Product Security Architect for a 6mo contract-to-hire. They are seeking someone who comes for a medical device background who has experience performing premarket security work.
Requirements:
- Prior experience working at a Medical Device Manufacturing company, ideally on Class 3 devices (implantable)
- Expertise with security standards, specifically for healthcare and medical device industries
- Product architecture for pre-market development
- Familiarity with encryption, authentication, access control, network security, and other security technologies relevant to medical devices.
Responsibilities:
- Collaborate with cross-functional teams to design and implement security solutions for medical devices, systems, and software throughout the product development lifecycle.
- Develop and maintain security architecture and design principles, standards, and guidelines that align with industry best practices and regulatory requirements.
- Conduct threat modeling and risk assessments to identify and prioritize security risks and vulnerabilities in medical devices, systems, and software.
- Define and implement security controls, policies, and procedures to mitigate identified risks and vulnerabilities.
- Support the development and implementation of security testing methodologies, such as penetration testing and vulnerability scanning, to validate security controls effectiveness.
- Provide security guidance and support to product development teams, including security architecture design, and security risk management.
- Ensure compliance with relevant industry standards, regulations, and best practices, such as FDA / EUMDR regulations, and other relevant medical device and privacy regulations.
- Support post market incidents, including root cause analysis and remediation planning.
- Consult security technical trainings for development teams to promote a culture of security within the organization.
