Product Security Engineer - Penetration Tester

Becton Dickinson ,
Winnersh, Berkshire
Job Type: Full-time

Overview

UK - Remote BD is looking for a security-focused engineer and researcher to join our Product Security Engineering Team and carry out security testing and research on our products. The role will require auditing of applications and code to detect or exploit security vulnerabilities specific to medical devices and products. This individual will be actively engaged in areas such as penetration testing, security analysis, and cutting-edge research on current technologies and attacks that apply to medical devices. We are looking for a passionate individual who shares a passion for learning and new technologies as we improve the security of products and solutions sold to customers. This role is based remotely, anywhere within the UK. Responsibilities: Perform code reviews manually and by utilizing Static Code Analysis tools Penetration testing & vulnerability research Support developers of our business units in their SDLC and provide guidance regarding mitigations to emerging threats Threat modelling Provide guidance on secure architecture design as required Provide remediation planning for identified and emerging threats found through security testing Security tool development, maintenance and improvements Security training development and deliver to internal development teams Project and research work as required Experience: Sound security architectural and security knowledge in the following areas: Web Applications, Web and Cloud Services Windows and Linux OSes Embedded Devices / IoT Mobile applications running on both Android and iOS Experience with programming languages such as C/C++ and C# and knowledge how to test code for security and quality Experience working with secure coding methodology and best practices and their implementation within engineering teams. Good understanding of standard security vulnerabilities and common remediation as published by OWASP, SANS, etc. Excellent written and verbal communication skills including the ability to convey highly technical information to non-technical audiences. Ability to build relationships with engineering teams to improve product security Posting Date: 26th March 2020 Closing Date: 24th April 2020 Salary: Competitive