Product Security Specialist

Company Description

We believe in the power of ingenuity to build a positive human future.

As strategies, technologies, and innovation collide, we create opportunity from complexity.

Our teams of interdisciplinary experts combine innovative thinking and breakthrough technologies to progress further, faster. Our clients adapt and transform, and together we achieve enduring results.

We are over 4,000 strategists, innovators, designers, consultants, digital experts, scientists, engineers, and technologists. And we have deep expertise in consumer and manufacturing, defence and security, energy and utilities, financial services, government and public services, health and life sciences, and transport.

Our teams operate globally from offices across the UK, Ireland, US, Nordics, and Netherlands.

PA. Bringing Ingenuity to Life.

We are seeking a Product Security Specialist with expertise in connected/ IoT medical devices or healthcare products to join our team. The ideal candidate will be responsible for working with our clients to advise and shape the overall security strategy for products, ensure secure design, development, and deployment across the entire product lifecycle, and implement industry best practices to protect sensitive healthcare data.

Key Responsibilities:

• Work with client product teams and functional groups on determining objectives, scope, and timelines for key product security initiatives and architecting the delivery methodologies.
• Assess security risks across client product portfolios and recommend remediation strategies while balancing business and technical requirements.
• Advise on strategies around coding, threat modeling, and security testing for embedded systems, IoT devices while ensuring compliance with industry regulations.
• Work alongside client R&D teams to lead on secure code reviews, threat modeling, security risk assessments, vulnerability assessments and validation and verification of controls.
• Monitor emerging cybersecurity threats in the IoT and medical device landscape and write thought leadership to showcase PA’s point of view on these.
• Build strong stakeholder relationships across our clients.
• Foster team growth, training and deliver outcomes.
• Support and drive business development efforts.
• Manage projects with expertise.
• Solve problems with a consulting approach.

Flexible working: We are guided by our client work and needs; however, you have autonomy to manage your time and diary to suit your work/life balance.

• 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry.
• Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance.
• Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls.
• Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems.
• Experience working with teams in a structured software development lifecycle process.
• Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex security topics to a wide audience - technical and non-technical teams.
• Proven track record of achieving outcomes and nurturing relationships.
• Skilled in crafting compelling proposals and other business development materials. Proficient in cultivating opportunities within the client base and network.
• Holds Cyber Security accreditations/qualifications such as [CISSP, CSSLP, CISM], indicating a solid foundation in the field.

We know the skill-gap and ‘somewhat need to tick every box’ can get in the way of meeting brilliant candidates, so please don’t hesitate to apply – we’d love to hear from you.

Apply today by completing our online application

#LI-IC2

Life At PA encompasses our peoples' experience at PA. It's about how we enrich peoples’ working lives by giving them access to unique people and growth opportunities and purpose led meaningful work.

Our purpose guides how we work with our clients and our teams, and support our communities, to deliver insight and impact, solving the world’s most complex challenges. We're focused on building a workplace that values human difference and diverse mindsets, and a culture of inclusion and equality that unlocks the potential in our people so everyone can be their best self.

Find out more about Life at PA here.

We are dedicated to supporting the physical, emotional, social and financial well-being of our people. Check out some of our extensive benefits:

• Health and lifestyle perks accompanying private healthcare for you and your family.
• 25 days annual leave (plus a bonus half day on Christmas Eve) with the opportunity to buy 5 additional days.
• Generous company pension scheme.
• Opportunity to get involved with community and charity-based initiatives.
• Annual performance-based bonus.
• PA share ownership.
• Tax efficient benefits (cycle to work, give as you earn).

We’re committed to advancing equality. We recruit, retain, reward and develop our people based solely on their abilities and contributions and without reference to their age, background, disability, genetic information, parental or family status, religion or belief, race, ethnicity, nationality, sex, sexual orientation, gender identity (or expression), political belief veteran status, or other by any other range of human difference brought about by identity and experience. We welcome applications from underrepresented groups.

Adjustments or accommodations - Should you need any adjustments or accommodations to the recruitment process, at either application or interview, please contact us on recruitmentenquiries@paconsulting.com.