Application Security Analyst -Medical Devices

Date: Aug 24, 2021

Location: Naples, FL, US, 34108

Company: Arthrex

Requisition ID: 49459 
Title: Application Security Analyst -Medical Devices 
Division: Arthrex, Inc. (US01) 
Location: Naples, FL









Arthrex is a global medical device company and a leader in new product development and medical education in orthopedics. Arthrex is actively seeking a Application Security Analyst -Medical Devices who will work directly with the Engineering and Quality Engineering teams within Arthrex. Application Security Analyst who will work closely with product design and development staff to build security into applications and medical devices developed at Arthrex.  You will be responsible for maintaining secure development standards, performing penetration tests, and documenting remediations.  The role will be instrumental in developing software security training for development staff, assisting in answering customer questionnaires, and striving to ensure compliance with Global regulatory requirements.  Excellent communications and analytical skills, strong technical project management skills and a Bachelors’ degree will be essential for this position. Join our talented team at a global medical device company focused on Helping Surgeons Treat Their Patients Better™.


Essential Duties and Responsibilities:

  • Conducts software security analysis on medical devices and other software products.
  • Champions software security findings by ensuring findings are produced, documented, prioritized, and addressed.
  • Acts as a subject matter expert for development teams and facilitate secure coding training for developers.
  • Works to implement manual and automated security testing of devices and software to enforce standards.
  • Plans and oversees external assessments for software security.
  • Produces customer guidance documents and required regulatory deliverables with high confidence.
  • Maintains a leading edge understanding of software security processes required in design, development, and post market management of medical devices to find new and novel opportunities to improve product quality and enhance patient safety
  • Ensures efficient and streamlined version control and workflow, supporting teams in a fast-paced Agile/Scrum environment.
  • This is an in-office position located in Naples, Florida; it is not a remote position


Incidental Duties:

The above statements describe the general nature and level of work being performed in this job.  They are not intended to be an exhaustive list of all duties, and indeed additional responsibilities may be assigned, as required, by management.


Education and Experience:

  • Bachelor’s Degree required.  Degree in Computer Science or related field preferred. Master’s Degree preferred
  • 5 years’ experience in at least one of the following (two or more preferred):
    1. Software Development
    2. Software Security
    3. Electronic Medical Device Development
    4. Embedded systems or IoT
    5. Cloud Systems or SaaS
  • Experience in Medical Device Manufacturing or Regulated Healthcare Industry experience a plus


Knowledge and Skill Requirements/Specialized Courses and/or Training:

  • Excellent communication skills and customer service orientation.
  • Working knowledge in the Software Development Lifecycle (SDLC).
  • Working knowledge of application security controls (NIST, CIS, OWASP).
  • Working knowledge of Cloud Service Providers and Cloud Security Controls (AWS, Azure, CSA).
  • Working knowledge of IT Risk Management Frameworks (NIST, HITRUST, ISO).
  • Working knowledge of embedded system security preferred.
  • Knowledge of FDA and ISO guidelines for the development of medical devices preferred.
  • Knowledge of Privacy Laws (HIPAA, EU General Data Protection Regulation) preferred.
  • CISSP, CISM, SANS, OSCP, OSWE Information Security Certifications preferred.
  • CCSK or CCSP Cloud Security Certifications preferred.

All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Nearest Major Market: Naples

Job Segment: Medical, Orthopedic, Engineer, Embedded, Developer, Healthcare, Engineering, Technology