Share this Job

Job Title:  Regulatory Cybersecurity Specialist - Hybrid

Req ID:  32305
Job Category:  Regulatory Affairs

Mentor, OH, US, 44060

Description: 

At STERIS, we help our Customers create a healthier and safer world by providing innovative healthcare and life science product and service solutions around the globe.

Position Summary

STERIS has a shared responsibility with our healthcare Customers, Regulators, and Cybersecurity Industry Professionals to help our healthcare Customers build a more secure and resilient healthcare sector infrastructure for the future. The Regulatory Cybersecurity Specialist will work directly with the STERIS Regulatory Cybersecurity team, internal stakeholders, and external security industry partners to ensure that STERIS products and solutions are designed to meet best class cybersecurity industry standards and best practices to protect our products against today’s cybersecurity threats.


He/She will support cybersecurity activities for new product development and maintenance of existing products to develop or improve cyber hygiene of our healthcare products and related solutions.  Through cybersecurity related activities such as static code analysis, vulnerability scanning, web application scanning, threat and vulnerability assessments, networking and security log analysis, he/she will gain experience in cybersecurity risk management and secure product development for healthcare products and solutions. 
 

Duties

•    Researches and assesses new threats and security alerts to recommend remediations.
•    Assists with identification and use of security tools for monitoring vulnerabilities, including ensuring timely resolution of detected product security issues.
•    Vulnerability scanning & testing.
•    Assist with audit log analyses.
•    Creates cybersecurity risk management plans and summary reports.
•    Assist with performing threat modeling, threat and vulnerability assessments, and other cybersecurity related activities.
•    Works collaboratively with other functional areas to create cybersecurity deliverables for regulatory submissions.
•    Assists with secure software development process activities. Analyzes workflows and recommends ways to reduce steps and increase efficiencies through use of technology and automation.
•    Assists with the development of product cybersecurity requirements and security test plans.
•    Assists with establishing and maintaining secure configuration baselines for the products.
•    Help create & execute fuzzing test suite for communication ports.
•    Participate in security industry information sharing forum meetings and webinars.
•    Effectively communicates the Product Cybersecurity Program procedures and policies to internal cybersecurity practitioners and other internal stakeholders.
•    Collaborates with the Regulatory Cybersecurity Team, I & S Cybersecurity, and the Product Cybersecurity Working Group to increase organizational cybersecurity awareness.
•    Other duties as assigned.
 

Experience / Education:

  • Bachelor’s Degree or completion of Boot Camp in Information Security, Information Technology, Computer Science, Cybersecurity Engineering, or related field is required.
  • One+ year of Information or Cybersecurity experience required that includes experience in providing specialized technical expertise and support on projects, in threat and vulnerability assessments, and in implementation and operational aspects of cybersecurity procedures and products.
  • Master’s Degree or completion of Boot Camp in one of the related fields can be substituted for required work experience.
  • Certifications are desired but not required initially (e.g., Computing Technology Industry Association (CompTIA) Network+, Security+ or other position related certifications.
  • Practical knowledge of network topology and the underlying OSI model.
  • Practical knowledge of security technologies such as user authentication mechanisms and cryptography.
  • Familiarity with writing software languages and creating scripts with Powershell, Python or similar.
  • Exposure to static code analysis tools.
  • Familiar with Networking, Security, Systems Administration (Linux or Windows Servers).
  • Prior experience with  virtual machines such as Virtual Box and VM Ware.
  • Exposure to vulnerability scanning, malware detection and remediation methods.
  • Exposure to intrusion detection and data correlation is desirable.
  • Exposure to Metasploit and Kali Linux is desirable.
  • Exposure to Secure Software Lifecycle Development Processes is desirable.
  • Exposure to Agile software development methodology and the Scrum process framework is desirable.

 

 

#LI-SA2

What we offer

The opportunity to join a company that will invest in you for the long-term. STERIS couldn’t be where it is today without our incredible people. That’s why we share in our success together by rewarding you for your hard work. Hiring people who are in it for the long run with STERIS is our ultimate goal. We do this by providing competitive salaries, healthcare benefits, tuition assistance, paid-time off, holidays, matching 401(k), annual merit, and incentive plans.  Join us and help write our next chapter.

 

STERIS is a leading provider of products and services that meet the needs of growth areas within Healthcare: procedures, devices, vaccines and biologics.  We exist to fulfill our MISSION TO HELP OUR CUSTOMERS CREATE A HEALTHIER AND SAFER WORLD. STERIS is a $3B, publicly traded (NYSE: STE) company with approximately 16,000 associates and Customers in more than 100 countries.

STERIS strives to be an Equal Opportunity Employer.  

Req ID:  32305
Job Category:  Regulatory Affairs

Mentor, OH, US, 44060


Nearest Major Market: Cleveland
Nearest Secondary Market: Akron

Job Segment: Testing, Risk Management, Computer Science, Linux, Information Security, Technology, Finance