Security Engineer

We are seeking a highly skilled and experienced Security Engineer to join our team. The ideal candidate will possess a robust understanding of application and network security and windows operating systems security. This role requires strategic planning capabilities and a comprehensive view of medical product security. Experience in Governance, Risk, and Compliance (GRC) and familiarity with medical devices and compliance standards such as HIPAA, and HITECH will be advantageous. 

Location: Yokneam Israel

Key Responsibilities: 

Application Security: 

• Review security product results, identify potential risks based on existing vulnerabilities. 
•  Interpret vulnerability findings and prioritize them for remediation based on risk and impact. Perform Risk analysis on related product risks, determine needed security controls, and manage the residual risk Security-related product risks
• Model Product Security Threats and monitors worldwide Product Security Threats
• Research and advocate for new security solutions and technologies
• Collaborate with development teams to integrate security best practices into the software development lifecycle. 
• Collaborates with Quality and Regulatory department for Safety Risks induced by Security Risks

Technical Expertise: 

• Utilize advanced technical skills to analyze and mitigate security vulnerabilities. 
• Implement and manage security tools and technologies to enhance the security posture of applications and systems. 
• Provide technical guidance and support to other team members and stakeholders. 

Experience and Education: Medical Device Security: 

Apply security best practices to the design, development, and deployment of medical devices. 

Ensure compliance with relevant medical device regulations and standards. 

Collaborate with cross-functional teams to address security requirements specific to medical devices.

• At least 10 years of experience in the Information Security/Cybersecurity domain years.
• Certificates in the cyber field of a leading and recognized global organization
• Security Regulation and Standards Engineer/ Manager.
• Experience in systems engineering

·        Additional Experience:

• Experience in regulated companies (Avionic, Medical) – advantage
• Academic degree in the field of computer science or equivalent work experience – advantage
• Experience in Software/Hardware development – advantage

Required Knowledge:

• Knowledge in Information Security/Cybersecurity Standards, Methodologies and Controls
• Knowledge and experience in product development and system engineering processes

Certifications:

• Business-standard certification(s) in security, such as CISSP/CSSLP – advantage
• Demonstrated expertise in managing and securing standard operating systems, including Windows and Linux. This includes comprehensive experience in system hardening, conducting thorough vulnerability assessments, and implementing effective remediation strategies to ensure robust security postures. 
• Proven experience in application security, including vulnerability assessment and remediation. 
• Strong technical skills with experience in security tools and technologies. 
• Strategic thinker with the ability to develop and execute long and short term security plans. 
• Experience in Governance, Risk, and Compliance (GRC) is an advantage. 
• Familiarity with medical device security and relevant regulations is an advantage. 
• Knowledge of HIPAA compliance and other healthcare standards is an advantage. 
• Excellent communication and collaboration skills. 

We at Deloitte believe that diversity and inclusion among our people is a critical component of our success and that is why we cultivate an organizational culture that contains and embraces diversity in all its forms.