Security Analyst - Application Security Boston, MA Downtown Long-Term Contract Some good to have attributes The role does not have any hands-on development requirement. Should have in past and should play a role to liaison across functions in the organization. Should have experience with threat models, security requirements, SBOM and risk documentation. Provide innovative ideas on improving current processes. Description The Product Security Analyst will serve as a subject matter expert on cybersecurity activities for the R&D capital equipment team. The analyst will work closely with external partners and internal cross-functional teams to drive the completion of cybersecurity deliverables as per organizations standard operating procedures. They will collaboratively identify and mitigate potential cybersecurity risks during the pre-market phase, deliver essential documentation, guide decision-making, and drive post-market vulnerability management activities. Additionally, they will prioritize the balance between business needs and security objectives while considering the perspectives of both internal and external customers.
Primary Duties And Responsibilities Develop deep understanding of organizations security processes and procedures to serve as a subject matter expert on cybersecurity activities. Partner with engineering teams (console, pump, etc.) to drive successful adherence to organizations product security program during product development, testing, and release phases. Work with external partners as well as collaborate with internal cross functional teams to own and drive cybersecurity project deliverables. Collaborate with product development teams to identify potential cybersecurity risks during the pre-market phase. Deliver documentation for pre-market development activities including security plans, architecture and data flow diagrams, threat models, requirements, SBOM, and risk documentation. Monitor and drive post-market vulnerability management activities, with adherence to strict timelines. Recommend and execute security measures to mitigate identified risks and improve product security. Guide teams to make decisions that balance business needs with security objectives. Think across organizational boundaries and empathizes with customers, both internal and external. Perform other related duties and responsibilities, as assigned. Qualifications Bachelor's degree in computer science, Cybersecurity, or a related field (or equivalent practical experience). In-depth knowledge of pre-market product security and familiarity with industry best practices. Experience with security risk management techniques and tactics. Experience in assessing pre-market cybersecurity risks, vulnerability testing, and implementing security measures. Strong understanding of secure software development lifecycles (SDLC) and related processes. Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR). Experience working in a regulated environment, FDA-regulated preferred. Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines. Committed to working with a sense of urgency and embracing new challenges. Strong communication and interpersonal skills. Report this job Dice Id: ******** Position Id:
