| Penetration Tester :: Remote ( Should betravel ready to customer location once in a while for some testing) at Remote, Remote, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3026584&uid=9a6a83fd9f5e47d8956e443a3c432394 Hi, My name is Uma, and I am a Sr. Technical Recruiter at E-Solutions Inc. I am reaching out to you for an excellent job opportunity with one of my top tier clients across America. If you are available and looking for something exciting, please revert with your updated resume. Role: Penetration Tester Location: Remote ( Should be travel ready to customer location once in a while for some testing) Job Summary: We are seeking an experienced Penetration Tester with specialized knowledge in medical devices and FDA 510(k) compliance to support our cybersecurity efforts. The ideal candidate will have hands-on experience conducting Threat Modelling, Ethical hacking and vulnerability assessments in FDA-regulated environments, ensuring our connected medical products meet security standards for submission and post-market monitoring. Key Responsibilities: Strategize and plan static and dynamic application security testing (SAST/DAST/ SCA) tools. Conduct manual and automated penetration testing on medical devices, embedded systems, and healthcare applications. Identify, exploit, and document vulnerabilities in both hardware and software used in Class II/III devices. Collaborate with R&D, Regulatory, and Quality teams to ensure test findings are addressed in FDA 510(k) submissions. Prepare detailed technical reports and risk assessments that meet FDA and ISO/IEC 81001-5-1 requirements. Assist in the development and validation of Secure Software Development Lifecycle (SSDLC) practices. Support threat modeling, risk management, and cybersecurity assessments required by FDA premarket guidance (e.g., Cybersecurity in Medical Devices). Stay current on regulatory guidance (FDA, NIST, IEC 62443, ISO 14971) and industry best practices. Requirements: Technical Skills: Strong understanding of penetration testing methodologies (e.g., OWASP, PTES, MITRE ATT&CK). Familiarity with medical device communication protocols (e.g., BLE, Zigbee, HL7, DICOM, MQTT). Secure coding practices: Knowledge of secure coding standards (e.g. OWASP top 10, OWASP ASVS) and experience in reviewing code for security vulnerabilities. Proficient with tools like Burp Suite, OWASP ZAP, Metasploit, Nmap, Wireshark, Kali Linux, etc. Experience testing embedded systems, firmware, and mobile/IoT medical applications. Familiarity with Git version control, CI/CD pipeline and bug tracking tools. Strong command line skills and troubleshooting experience in Linux environments. Regulatory Knowledge: Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks In-depth understanding of FDA 510(k) submission processes and cybersecurity requirements. Familiarity with FDA premarket guidance (2023 updates), post market management, and SBOM expectations. Understanding of HIPAA, GDPR, and other data protection regulations as they relate to medical devices. Education and Experience: Bachelors or Masters degree in Computer Science, Cybersecurity, Biomedical Engineering, or related field. 5-8 years of experience in cybersecurity testing, with at least 2 years in the medical device industry. Certifications preferred: OSCP, CISSP, CEH, GICSP, or CRISC. Preferred Qualifications: Experience with testing and securing gRPC APIs. Hands-on experience in AWS cloud security and compliance. Proficiency in python programming knowledge to develop automations. Experience with implementing security hardening to operating systems (Linux and Windows) as part of secure baselines that is used in end product. Experience working directly on 510(k) submissions or as part of an FDA audit. Prior work in a regulated QMS (ISO 13485, FDA CFR 21 Part 820). Knowledge of DevSecOps integration. Thanks & Regards Uma Adhikari Sr. Technical Recruiter m:(408) 381-2865 w: www.e-solutionsinc.com Disclaimer: E-Solutions Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. We especially invite women, minorities, veterans, and individuals with disabilities to apply. EEO/AA/M/F/Vet/Disability. -- Keywords: continuous integration continuous deployment access management rlang information technology Penetration Tester :: Remote ( Should betravel ready to customer location once in a while for some testing) [email protected] http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=3026584&uid=9a6a83fd9f5e47d8956e443a3c432394 |
| [email protected] View All |
| 11:22 PM 05-Jan-26 |