Mandatory Skills (Top 5 Keywords or skills) | Skill Proficiency | |||
Years of Experience | Basic Knowledge | Medium | Expert | |
Product Security | 5+ | Y | ||
Penetration Testing | 5+ | Y | ||
C/C++, C#, Python | 5+ | Y | ||
- Help drive adherence to the customer's Product Security’s overarching framework
- Partner with internal organizations to enhance existing processes and policies
- Create and present Product Security metrics to management within Ottava and ISRM
- Champion Product Security strategy and objectives across the Ottava Robotic Platform
- Engaged as a subject matter expert to support completion of product security activities, tasks, deliverables, documentation, approvals, and product security controls.
- Responsible for defining security requirements for the product and associated applications
- Responsible for reviewing the Threat Model and Security Risk Assessment in collaboration with Systems Engineering.
- Responsible for supporting the FDA pre-market cybersecurity documents (as needed) and collaborating with regulatory compliance stakeholders and activities.
- Responsible for the facilitation and assessing any third parties’ penetration testing and/or validation services.
- Perform regular reviews and analysis of security reports and issues, propose solutions where appropriate and lead their remediation.
- Respond to alerts, security incidents, and assist in remediation as needed.
- Respond to customer cybersecurity questionnaires for all post-market medical devices.
- Other MedTech cybersecurity related duties as needed
- At least 5 years IT or cybersecurity experience and at least 2 years of product security experience
- Bachelor’s degree or equivalent experience
- Understanding of penetration testing, vulnerability scanning, CVSS and/or other general security testing principles
- Ability to provide secure coding recommendations
- Knowledge in at least one coding language (i.e. C/C++, C#, Python) with code review experience highly preferred
- Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
- Knowledge of traditional and real-time operating systems (i.e. QNX, Windows Embedded, Ubuntu, Yocto) hardening techniques
- Ability to translate technical security requirements into solutions
- Creative problem-solving skills
- Customer focus (internal & external)
- Excellent communication and collaboration skills
- Understanding of Quality Design Control processes and FDA submission processes.
- Hands-on experience with software security tools and platforms like Checkmarx, Black Duck, Jfrog Xray, etc.
- Hands-on experience with vulnerability assessment tools.
- Knowledge of product or medical device security or MDDS platforms.
- Working knowledge of microservices architecture and API security.
- Experience working within Agile methodology.
- Software development experience
- Experience leading or participating in formal security audits (i.e. HITRUST, SOC2, FedRAMP)
- Security certification like CISSP/ AWS Security Specialist/ CEH or CSSLP a strong plus.
Salary and Other Compensation:
The annual salary for this position is between $110-134Kdepending on experience and other qualifications of the successful candidate.
This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
· Medical/Dental/Vision/Life Insurance
· Paid holidays plus Paid Time Off
· 401(k) plan and contributions
· Long-term/Short-term Disability
· Paid Parental Leave
· Employee Stock Purchase Plan
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
What we offer
- The chance to work with impact. Here, you’re empowered to bring your biggest thinking to help our company and clients improve everyday life.
- Ownership over your career. Stay at the top of your game through our award-winning learning and development ecosystem. And when your ambitions change or we offer new opportunities, we help you pivot by providing reskilling, on-the-job learning and guidance to find new roles that might be a better fit.
- The opportunity to thrive on a high caliber team with heart. We celebrate each other’s experiences and perspectives and promote a sense of belonging through our affinity groups and diversity and inclusion initiatives.
- A comprehensive total rewards package, including a competitive salary and a pension plan with matching contributions.
- Flexible health and financial benefits to support you and your eligible dependents—from day one.
- True work-life balance. Be at your best through paid time off, flexible work arrangements, volunteering opportunities, social events, and so much more.
About us
Cognizant (Nasdaq: CTSH) is an AI Builder and technology services provider, building the bridge between AI investment and enterprise value by building full-stack AI solutions for our clients. Our deep industry, process and engineering expertise enables us to build an organization’s unique context into technology systems that amplify human potential, realize tangible returns and keep global enterprises ahead in a fast-changing world. See how at www.cognizant.com or @cognizant.
Other employment-related information
Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, provincial or local laws.
If you have a disability that requires reasonable accommodation to search for a job opening or submit an application, please email [email protected] with your request and contact information.
Language requirements vary depending on roles, but we ask that all candidates have basic English proficiency for company-wide communications purposes. For roles based in Quebec, professional English proficiency is required, as you’ll deliver services to and collaborate with stakeholders outside the province who may not speak French.