Cyber Security Specialist

Overview

On Site
$160,000 - $170,000
Full Time
Accepts corp to corp applications

Skills

Device Security
Cybersecurity
IOT Security
Medical Devices
OWASP
Static code analyzer tools
code injection attacks
Threat modeling

Job Details

What you will be doing:
• Collaborate with XFN teams, including software and hardware engineers, product managers, and medical device compliance, to design and implement secure solutions for medical devices.
• Author cybersecurity management plans, and other security deliverables required to support regulatory submissions (510(k), DeNovo, CE, etc) of RL medical device products
• Conduct security risk assessments and vulnerability testing to identify potential security threats and vulnerabilities in our products.
• Develop and implement security controls, such as encryption, access controls, and secure communication protocols, to mitigate identified risks.
• Work with the software and hardware development teams to ensure that security is integrated into the design and development and HW/SW architecture for medical device products
• Provide security-focused guidance and training to other team members to ensure that security is a top priority across all medical device programs
• Work closely with 3rd party test labs to ensure that security testing and validation is executed and completed to support product timelines
• Serve as a primary point of contact between Medical Device XFN and other Security Teams
• Collaborate with the legal, SWE, program management, and medical device compliance teams to ensure that our products comply with relevant regulations and industry standards, such as HIPAA, FDA, and GDPR.
• Participate in incident response and security incident management

What we are looking for:
• Should be hands-on with Open Web application security project – OWASP procedures
• Hands-on with Static code analyzer tools like Valgrind to trace Buffer overflow, Stack overflow, memory leaks, API testing
• Hands-on with code reviews to identify potential issues
• Fluent with code injection attacks - SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection
• Identify risks during firmware update
• Identify risks in Cryptography signature
• Able to guide and hands-on with Toolchain hardening
• Able to identify Identity and Access management attacks
• Data collection, storage, privacy
• Transport layer security

Threat modeling-
• Identifying all assets in a system,
• Creating an architecture overview
• Decomposing the system (or device),
• Identification of threats,
• Document all the threats with their respective scenarios, and
• Rate each threat by its likelihood as well as impact using a rating system

Education background: B.E./B.S./B.Tech in Engineering

What s In It For You:

At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job. That s why we offer competitive financial compensation, including various compensation plans and a solid benefits package.

  • Medical, Dental, Vision Insurance
  • 401k, With Matching Contributions
  • Short-Term/Long-Term Disability Insurance
  • Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
  • Paid Time Off (including sick, holiday, vacation, etc.)
  • Tuition Reimbursement
  • Growth Opportunities
  • And more.

Work Arrangement Fully On-Site: Must be able to travel to an Arrow Client office location as requested by Arrow Client leadership.
Location: Burlingame CA (Day-1 Onsite)

About eInfochips
eInfochips, an Arrow company (Fortune #133), is a leading global provider of product engineering and semiconductor design services. A rich history of over two decades, with over 500+ products developed and 40M deployments in 140 countries, eInfochips continues to fuel technological innovations in multiple verticals. eInfochips has strategic technology partnerships with Qualcomm, NVIDIA, NXP, Analog Devices, Texas Instruments, Amazon, Microsoft and Google to name a few. Along with Arrow’s
$38B in revenues, 22,000 employees, and 345 locations serving over 80 countries, eInfochips is primed to accelerate connected products innovation for 150,000+ global clients. eInfochips acts as a catalyst to Arrow’s Sensor-to-Sunset initiative and offers complete edge-to-cloud capabilities for its clients. Please visit for our portfolio of product engineering services across various industries C verticals.

EEO Statement:
Arrow is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.