Sr. Engineer, Cyber Security V&V
- Baxter
- 7 to 10 Yrs
- Bengaluru
- 5 years ago
- Email to a friend
- Report this job
Job Description
Sr. Engineer, Cyber Security V&V Apply Now Save JobJob savedThis is where you save and sustain lives
At Baxter, we are deeply connected by our mission. No matter your role at Baxter, your work makes a positive impact on people around the world. You'll feel a sense of purpose throughout the organization, as we know our work improves outcomes for millions of patients.
Baxter's products and therapies are found in almost every hospital worldwide, in clinics and in the home. For over 85 years, we have pioneered significant medical innovations that transform healthcare.
Together, we create a place where we are happy, successful and inspire each other. This is where you can do your best work.
Join us at the intersection of saving and sustaining lives where your purpose accelerates our mission.
Job Title:
Cyber Security V&V Sr. Engineer
Summary:
This section focuses on the main purpose of the job in one to four sentences.
Baxter has long been on the forefront of developing innovative solutions for patients with kidney disease. Our products and therapies can be found throughout hospitals and clinics from the ER to the OR, from the pharmacy to the ICU as well as advancing patients care in their homes. This position offers a unique and exciting opportunity to help businesses by protecting their products and systems from potential hackers and cyber-attacks in hospitals, clinics as well as homes. You will safeguard sensitive data of a business from hackers and cyber-criminals who often create new ways to infiltrate sensitive databases. We are looking to hire a Cyber Security V&V Engineer with an analytical mind and a detailed understanding of cybersecurity methodologies. Cyber Security V&V Engineers are expected to have meticulous attention to detail, outstanding problem-solving skills, work comfortably under pressure, and deliver on tight deadlines. To ensure success, a Cyber Security Engineer must display an excellent understanding of various phases of Software Testing Life cycles (Manual and Automation) and good hands on experience of Cyber security testing. A good understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits is also must. Top candidates will be comfortable working with a variety of technologies, security problems, and troubleshooting of the security issues.
.
Essential Duties and Responsibilities:
This section contains a list of five to eight primary responsibilities of this role that account for 5% or more of the work. The incumbent will perform other duties assigned.
- Experience in Static Application Security Testing (SAST) to ensure code security and quality, with tools like Tools: Synopsys Coverity, Parasoft jTest (UL Tool)
- Experience in software decomposition and vulnerability scans for both binary and software build artifacts, with tools like Protecode, Black Duck Binary, Black Duck, NSA Ghidra (https://www.nsa.gov/resources/everyone/ghidra/) and other open source tools (e.g. for mobile apps, container based, and interpreted languages)
- Experience in fuzz testing (malformed inputs, randomized packets) to detect crashes, failing built-in code assertions, or potential memory leaks on physical, network, and user interfaces (e.g. USB, GUI, Ethernet, WiFi, Bluetooth, etc), and to validate the implementation of networking and data protocols (TCP/IP, ICMP, OSPF, TLS, HTTPS, MQTT, etc). Experience with the tools like Synopsys Defensics, AFL-LOP (UL Tool) and other tools include bStorm, Achilles, NXP/Freescale USB-KW24D512, Killerbee and Wireshark
- Experience in Penetration testing (Structured or White Box testing) with tools like Nessus, Nmap, Metasploit, NXP/Freescale USB-KW24D512, Killerbee, CeWL, Hydra, Rapid7, Qualys, others: Ubertooth (USB exploitation)
- Experience in Security functionality verification testing using tools like Jack the Ripper (password cracking tool), Network Miner, FIPS 140-2 crypto modules validation suites, AWS cloud security tools
- Experience in Malware scans on machines/images for Enterprise applications with tools like Tools: Sophos, Carbon Black
- Investigate security breaches and other cybersecurity incidents.
- Document security breaches and assess the damage they cause.
- Work with the security team to perform tests and uncover network vulnerabilities.
- Fix detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards
- Contributes to the team and works with direction from Senior Team Members or management, beginning to work independently.
- Has the ability to take ownership of small tasks and deliver without supervision while using their discretion to seek help when necessary
- Demonstrate the ability work with team members
- Applies principles of SDLC and methodologies like Lean/Agile/XP, CI, Software and Product Security, Scalability, Documentation Practices, refactoring and Testing Techniques
- Participate in continuous improvement activities by identifying and appropriately escalating process and product quality gaps
Qualifications:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. List knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
Broad understanding of technological areas listed below:
Penetration Testing
Fuzz Testing
Static Application Security Testing
Vulnerability scans
Malware scans
Security functionality verification testing
Demonstrated success in delivering results on several technical challenges.
Background and/or Experience:
Bachelors / Masters in Computer Science, Computer Engineering, Electrical Engineering, Software Engineering or related field and related experience of 7-10 years.
Desired Characteristics
- Demonstrated technical expertise and domain experience
- Understanding of regulated Healthcare industry. E.g. An understanding of FDA design controls requirements is an advantage.
- Previous experience in regulated medical device company.
- Experience with test driven development and automated testing is desired.
- Believes in her/his ability to successfully take on new and difficult challenges, question the status quo and take risks.
Reasonable Accommodations
Baxter is committed to working with and providing reasonable accommodations to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application or interview process, please send an e-mail to Am*********A@ba***r.com and let us know the nature of your request along with your contact information.
Apply Now Save JobJob saved,Employement Category:
Employement Type: Full timeIndustry: ManufacturingRole Category: General / Other SoftwareFunctional Area: Not ApplicableRole/Responsibilies: Sr. Engineer, Cyber Security V&VContact Details:
Company: Baxter IndiaLocation(s): Bengaluru
Baxter
A leader in healthcare for more than 75 years. Baxter assists healthcare professionals and their patients with treatment of complex medical conditions. Information on our business and leadership is available here.
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in