Job title:
The Cyber Security Lead plays a critical role in ensuring the security of (system) software by driving architecture, design, analyses, testing, and maintenance to meet stringent security standards. This position directly impacts product security strategy, solutions direction, and customer experience. Leveraging state-of-the-art security techniques and best practices, the role focuses on delivering robust, high-quality, and secure digital solutions. Collaboration with internal stakeholders such as users, product owners, and development teams is essential to align requirements and implement necessary security modifications. Staying current with the latest developments in cybersecurity and regulatory compliance is central to the position.
Your role:
1. Security Requirements and Risk Management
· Define and manage security requirements and security-related requirements (requirements engineering) across all systems, including third-party components and services.
· Perform holistic security risk management, addressing the entire product scope — from architecture to deployment.
· Maintain and update security requirements in response to enhancement and change requests.
2. Security Testing and Documentation
· Participate in the creation of test scenarios for security requirements and ensure comprehensive validation.
· Design and maintain customer-facing security documentation (e.g., Instruction for Use (IfU) and white papers).
· Verify the accuracy and completeness of Software Bill of Materials (SBOM) and MDS2 forms for software versions prior to launch, as well as after updates or patches.
3. Security Vulnerability Management
· Investigate root causes of security vulnerabilities and define additional corrective and preventive measures.
· Ensure that security-related patches and updates are reflected in documentation (e.g., SBOM, MDS2).
4. Secure Development Activities
· Lead the design, coding, testing (including test automation), documentation, and deployment of secure software.
· Provide technical expertise to support DevOps in deploying secure applications.
· Integrate telemetry to identify gaps, ensure traceability, and enhance overall security posture.
· Drive the adoption of secure software design principles within the team.
5. Technical Leadership and Collaboration
· Collaborate with cross-functional teams (R&D, DevOps, Quality, and Product Owners) to ensure security objectives align with usability and performance goals.
· Participate in peer reviews and work in a pairing mode to improve the quality and robustness of designs and implementations.
· Provide technical mentorship to the team, serving as the recognized expert in cybersecurity for specific areas.
6. Continuous Improvement and Knowledge Sharing
· Stay updated with the latest advancements in cybersecurity, software craftsmanship, compliance regulations, and best practices.
· Participate in knowledge-sharing initiatives, industry forums, and educational training programs.
· Perform data-driven decision-making to ensure solutions are impactful, scalable, and user-centered.
You're the right fit if:
· Education and Experience
· Bachelor’s degree in Software Engineering, Computer Science, or a related technical field with 8+ years of experience, or Master’s degree with 5+ years of experience.
· Experience in the medical device industry and knowledge of associated standards and regulations (e.g., FDA, ISO 13485, IEC 62304).
· Technical Skills
· Strong understanding of software security design, risk management, and compliance processes.
· Proficiency in developing and maintaining secure software systems through DevSecOps practices.
· Experience with security testing tools (e.g., static/dynamic code analysis tools, vulnerability scanners).
· Expertise in creating and managing SBOMs, MDS2 forms, and customer-facing documentation.
· Familiarity with Lean/Agile/SAFe methodologies for software development.
· Behavioral Skills
· Innovation: Challenge requirements and identify creative solutions to enhance value.
· Customer-Centric Focus: Understand customer needs and prioritize security solutions that impact the end user positively.
· Drives Results: Deliver high-quality results while leading complex security projects.
· Problem-Solving and Resourcefulness: Resolve challenges with practical, scalable solutions.
· Conflict Resolution: Proactively manage and resolve conflicts within the team or across functions.
· Preferred Qualifications
· Experience in cybersecurity for medical devices, regulated industries, or SaaS platforms.
· Familiarity with telemetry tools and processes to improve security monitoring.
· Certifications in cybersecurity such as CISSP, CEH, CSSLP, or equivalent.
· Key Attributes of Success
To excel in this role, the Cyber Security Lead should demonstrate:
1. A deep understanding of end-to-end product security in highly regulated environments.
2. The ability to deliver secure and scalable software products that align with usability and innovative digital solutions.
3. A collaborative and mentoring mindset to lead cross-functional teams through complex security challenges.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care here.
Over the past decade we have transformed into a focused leader in health technology.
At Philips, our purpose is to improve people’s health and well-being through meaningful innovation. We aim to improve 2.5 billion lives per year by 2030, including 400 million in underserved communities.
We see healthcare as a connected whole. Helping people to live healthily and prevent disease. Giving clinicians the tools they need to make a precision diagnosis and deliver personalized treatment. Aiding the patient's recovery at home in the community. All supported by a seamless flow of data.
As a technology company, we – and our brand licensees – innovate for people with one consistent belief: there’s always a way to make life better.
Visit our website: http://www.philips.com/
Follow our social media house rules https://www.philips.com/a-w/about-philips/social-media.html