Lead Product Security Engineer: Elekta

We don’t just build technology. We build hope.

Do you wish you could make a bigger impact?

At Elekta, our product security team protects our customer systems across the globe ensuring patient data is secured and safe to achieve medical device intended use from concept to end of life.

This is a hands-on security engineer role reporting to the Chief Product Security office / Head of Product security. You will be part of the security team applying your software engineering, security analysis, penetration testing, DevOps, and requirement definition experience working in a consultative manner embedded with multiple software and hardware development teams.

Ideal candidates should be self-motivated, thrive in a fast-paced environment and always searching for a better way. The ideal candidate will have previous IT Security experience, software development, and/or DevOps build experience.

This is a hybrid work environment requiring 3 days on site based on the teams supported.

If you are creative, smart, and motivated by continual technical skill growth, we’d like to talk to you.

What you’ll do at Elekta

Your responsibilities will include (but not limited to)

You will bring technical security skills to support multiple stakeholders such as Architecture, Engineering, IT, and Testing teams to implement security capabilities.

• Develop deliverables to meet medical device regulatory requirements globally.

• Implement end to end medical device risk assessments in alignment with SW96 risk assessment.

• Perform in depth analysis of the security posture of hardware and software products independently and as part of engineering teams.

• Develop cybersecurity requirements for medical devices.

• Execution of vulnerability assessments, penetration tests and secure code scanning.

• Track vulnerabilities identified in development, testing, and post market monitoring and work resolutions and mitigations.

• Respond to cybersecurity questionnaires from customers.

• Support global teams for cybersecurity related requests.

• Serve as a cybersecurity subject matter expert for software teams and the local site.

• Analyze Security incidents to determine root cause.

• Keep up-to-date on emerging cybersecurity technologies and trends to help other employees understand the critical role of cybersecurity in the development of our products

The right stuff

• Familiarity with cybersecurity-related guidance from FDA 524B, MDR, IEC/ISO, NMPA, ISO27001, and NIST.

• Understanding of the secure development lifecycle of medical devices and software, including knowledge of secure coding techniques and good practice and OWASP.

• Experience in an FDA/MDR-regulated field (Medical Device/Pharmacy) is a plus, but not required.

• Experience in a DevSecOps role is a plus, but not required.

• Threat hunting experience is a plus.

• Security certifications from organizations such as (ISC2) and CompTIA are a plus, but not required.

What you bring

• Bachelor's degree in related area and/or equivalent experience/training.

• 7+ years of experience in cybersecurity-related job roles, preferably in product security area and IT Security.

• Experience performing cybersecurity risk assessments and analysis following medical device standards.

• 3 years of experience working with software development.

• Experience with Linux, Windows, Citrix, and Network Operating Systems required.

What you’ll get:

In this role, you will work for a higher purpose; hope for everyone dealing with cancer, andfor everyone regardless of where in the world, to have access to the best cancer care. Inaddition to this, Elekta offers a range of benefits.

• Hybrid work option (you are required to work on location at least 3 days/week)

• Up to 25 paid vacation days (plus bank holidays)

• Holiday Purchase Scheme

• Private Medical Insurance

• Attractive Employer Pension Contribution Package

• Cycle to work scheme

• Life Assurance

• Onsite subsidized restaurant, offering budget-friendly dining

• Love electric (Electric vehicle salary sacrifice scheme)

Hiring process

We are looking forward to hearing from you! Apply by submitting your application and résumé in English, via the “Apply” button. Please note that we do not accept applications by e-mail.

Your Elekta contact

For questions, please contact the Global Talent Acquisition Partner responsible, Sarah Elmasry, at Sarah.Elmasry@elekta.com. We do not accept applications through e-mail.

We are an equal opportunity employer

We are an equal opportunity employer. We evaluate qualified applicants without regard to age, race, colour, religion, sex, sexual orientation, gender identity, genetic information, national origin, disability, veteran status, or any other protected characteristic.