Cybersecurity Specialist - Hybrid

Company: Viva USA Inc.
Location: Lake Forest
Posted on: February 9, 2025

Job Description:

Title: Cybersecurity Specialist - Hybrid

Scroll down to find an indepth overview of this job, and what is expected of candidates Make an application by clicking on the Apply button.


















Description:











Cybersecurity Specialist for Medical Devices (including SxMD Products)


Responsibilities:
Conduct product cybersecurity risk assessments in regulated industries such as healthcare (medical and diagnostic devices).
Collaborate with R&D teams to develop secure architectures and implement security requirements, aligning with standard security frameworks like NIST 800-53.
Evaluate the security of products, software, and systems for compliance with applicable standards (ISO 27001, NIST, EU Directives, FDA, etc.).
Assess and identify the impact of changes, updates, or new regulations on existing and new products, guiding teams on necessary implementations.
Monitor and understand global cybersecurity standards, periodically reviewing for gaps and implementing them in the client SOPs and WIs.
Utilize threat modeling practices and tools (e.g., STRIDE, OWASP) to identify and mitigate security threats.
Conduct CVE vulnerability assessments using appropriate tools and practices.
Monitor and understand security threats to develop effective mitigation solutions.
Perform or support security testing, including penetration tests, and internal/external audits, coordinating remediation as necessary.
Collaborate with Systems Engineering, Software Development, Regulatory, and other stakeholders to develop and document cybersecurity controls.
Execute tests to identify system and security vulnerabilities.


Qualifications:
10+ years of industry experience in the design and development of application software, with at least 5+ years in cybersecurity for medical devices
Bachelor's degree in engineering (Computer, Electrical, Computer Systems, Systems, or Software) or a related discipline.
Experience in product cybersecurity risk assessments in regulated industries like healthcare.
Proficiency in threat modeling practices and tools (e.g., STRIDE, OWASP).
Strong experience in vulnerability assessments, tools, and practices.
Proven ability to monitor and understand security threats and develop mitigation solutions.
Experience in performing or supporting security testing and coordinating remediation efforts.


Technical Skills:
Experience with security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.
Experience with cybersecurity challenges and solutions specific to Software as a Medical Device (SxMD) products.
Knowledge of encryption technologies and secure coding practices.
Familiarity with network security protocols and technologies (e.g., SSL/TLS, VPNs, IPsec).
Experience with cloud security and securing cloud-based applications and infrastructure.
Understanding of secure software development lifecycle (SDLC) practices.
Experience with security information and event management (SIEM) systems.
Knowledge of regulatory requirements and standards specific to medical devices (e.g., HIPAA, GDPR).
Proven track record of securing medical device software and hardware against vulnerabilities and threats.
Experience in ensuring compliance with medical device cybersecurity regulations and standards (e.g., FDA premarket and postmarket cybersecurity guidance).












Mandatory skills:










cybersecurity,
medical device, healthcare, diagnostic device,
risk assessments, threat modeling, vulnerability assessments, mitigation solution,
security threats, security testing, security tools, security technologies, security requirements, security framework, NIST 800-53,
firewalls, intrusion detection, prevention systems, IDS, IPS, antivirus software, penetration test,
R&D, Software as a Medical Device, SxMD, HIPAA, GDPR,
cybersecurity controls, encryption technologies, secure coding, SOP,
network security protocols, network technologies, SSL, TLS, VPN, IPsec,
cloud security, cloud applications, cloud infrastructure,
SDLC, software development lifecycle, security information and event management, SIEM,
regulatory requirements, regulatory standards, Systems Engineering, Software Development, Regulatory,
medical device software and hardware, vulnerabilities, threats, cybersecurity guidance, system vulnerability, security vulnerability,
medical device cybersecurity regulations and standards, FDA, ISO 27001, NIST, EU Directives









VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at hr@viva-it.com for any complaints, comments and suggestions.





Contact Details :

Account co-ordinator: Dinesh Kumar U, Phone No: (847) 461-3640, Email: staffing10@viva-it.com



VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008
staffing10@viva-it.com - http://www.viva-it.com
Remote working/work at home options are available for this role.

Keywords: Viva USA Inc., Chicago , Cybersecurity Specialist - Hybrid, Other , Lake Forest, Illinois