[Medical Device] Cybersecurity Quality Engineer

Job Title

[Medical Device] Cybersecurity Quality Manager

Location              

Pangyo, Gyeonggi-do, South Korea

Job Description

This role will be responsible for ensuring that the medical device software is developed and maintained securely             protecting devices from vulnerabilities. They will develop plans, perform risk assessments to identify and mitigate         potential cybersecurity threats, develop cybersecurity controls, collaborate with development teams to integrate           secure coding practices, and review software architecture for potential security risks. They will also ensure compliance with IEC 62443, ISO 27001, IEC 62304, ISO 14971, and FDA cybersecurity guidance. They will assist engineers to           develop requirements documentation that specify requirements from the system to code level. 

Key Responsibilities

•Conduct comprehensive security risk assessments, identifying and mitigating potential threats and vulnerabilities.
•Collaborate with development teams to integrate secure coding practices throughout the software development              lifecycle. 

•Perform code reviews and security testing to identify and address vulnerabilities. 

•Review embedded system(software & hardware) architecture to ensure security considerations are integrated. 

•Ensure compliance with cybersecurity standards such as IEC 62443, ISO 27001, IEC 62304, ISO 14971, and FDA              guidance. 

•Assist in developing and documenting security requirements from system to code library level. 

•Stay updated on cybersecurity threats and implement necessary countermeasures. 

•Continuously improve security processes and procedures to enhance the organization's overall security posture.

•CWE and CVE management.

•Opensource and security management.

Key Requirements

•3+ years medical embedded system cybersecurity experience.

•Good understanding of Cybersecurity standards (ISO 27001, IEC 81005, IEC 62443, UL 29001)

•Experience in ‘Cyber security or Opensource testing’ tools (Blackduck, Labrardo, etc.)

Preferred (not mandatory)

•10+ years software quality or security experience

•Experience in the medical device industry

•Good understanding of the IEC 62443 standard

•5+ years experience for cybersecurity test or medical device test

•Experience in CVE, CWE management

•Working knowledge of FDA guidance on cybersecurity

•Able to read, write, and communicate in English

Contact

May Lwin, Permanent Associate Consultant

02 6200 9787

May.Lwin@adecco.com