Cybersecurity Professional (f/m/d) - Oncology Systems

At Varian, a Siemens Healthineers Company, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we work passionately to develop and deliver easy-to-use, efficient oncology solutions.

We are part of an incredible community of scientists, clinicians, developers, researchers, professionals, and skilled specialists pushing the boundaries of what’s possible, to improve people’s lives around the world. We embrace a culture of inclusivity in which the power and potential of every individual can be unleashed. We spark ideas that lead to positive impact and continued success.

If you want to be part of this important mission, we want to hear from you.

Due to increasing business opportunities within our cybersecurity team, we are currently seeking an experienced Cybersecurity Professional on a full-time basis. This is a remote role in Germany.

Your role:

• Perform periodic analysis and reporting of disclosed third-party vulnerabilities affecting the product.
• Review cybersecurity assessments provided by the software development teams.
• Maintain the Cybersecurity Risk Assessment Report and Cybersecurity Requirements documents for each product release using inputs from software engineering and architecture teams.
• Support the coordination of internal and external penetration testing activities on the product’s applications and IT infrastructure.
• Setup and maintain periodic vulnerability scanning methodologies for the product.
• Support the product certificate management program using industry best practices.
• Support the creation and reporting of cybersecurity metrics for the Proton Solutions business area.
• Collaborate with the product development teams to integrate cybersecurity practices into the design and development of the product.
• Support the development and implementation of cybersecurity policies, procedures, and best practices specific to medical device development.
• Develop technical training content and guidance for the training department to implement into the training programs for the development and product field support teams.
• Collaborate across business areas with cybersecurity professionals to harmonize best practices where possible.

Your profile:

• Bachelor’s degree in software engineering, computer science, information technology, or related discipline.
• Multiple years professional work experience developing and testing software products, preferably C# / .NET or C++ or related.
• Knowledge of current cybersecurity best practices, standards, and frameworks (e.g., NIST, ISO 27001).
• Familiarity with securing IT equipment including Windows-based systems, network switches, and firewalls.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) are a plus.
• Understanding of medical device regulations such as FDA cybersecurity guidance and GDPR.
• Experience with network equipment (Juniper experience a plus).
• Business fluent language skills in English.