Cyber Security Engineer

Talascend is currently seeking a Cyber Security Engineer for a contract opportunity with our client in Wauwatosa, Wisconsin.

Overview

We are seeking a skilled cyber security engineer (contract) to fill a key role within ultrasound, with a focus on vulnerability management and incident response capability. In this role you will work in a team to identify risks and communicate and track product vulnerabilities.

Shift

1st shift, 80% onsite in Wauwatosa

Responsibilities

• Complete DoD monthly security scans and remediation actions, and prepare quarterly POAM review.
• Support commercial and installed base inquiries.
• Maintain cyber Bills of Material and conduct proactive vulnerability monitoring and assessment on cyber components.
• Scope and participate in hardware and software penetration tests, vulnerability identification and vulnerability risk assessment.
• Engage in incident response methods and lead incident response processes related to product cyber.
• Create and track meaningful metrics around product cyber risk and compensating controls.
• Discover and mitigate vulnerabilities in sensitive Critical Infrastructure/Key Resource Domains.
• Develop and design innovative cyber security solutions for unique and complex technologies.
• Assess and investigate specific threats in terms of severity and impact.
• Create detailed reports on vulnerabilities, bugs, and design flaws.
• Create vulnerability and incident trend analysis to improve product design.
• Automate cyber trending and change detection.
• Design an early detector of changes in security status with the ability to compare SBOM, SCAP and NESSUS results against a baseline.
• Engage and administer End of Life processes for digital products.
• Consult architects on security requirements and utilize best practices to meet requirements.
• Engage in application and domain-specific threat modeling and attack surface analysis/reduction.
• Prepare reports at appropriate levels of confidentiality for stakeholders to view.

Qualifications

• Bachelors degree in computer science or STEM majors with minimum of 6 years of professional experience including cyber security.
• Certification in the Privacy, Security & Regulatory domain or related certification.
• Familiarity with identifying, analyzing, and ethically exploiting the various classes of vulnerabilities that affect executable code.
• Strong knowledge of TCP/IP networking and ability to use Wireshark to capture and analyze network traffic.
• Hands-on experience working with Windows and Linux based systems.
• Programming skills in one or more languages (Python, C, C++, CUDA, etc.).
• Business acumen: Able to translate vulnerability information into business risks relevant to customers.
• Good understanding of workflow in the healthcare industry.
• Knowledge of ultrasound or demonstrated experience with development of medical device software.
• Experience with cyber security framework (NIST 800-53, ISO 27001, IEC 62443, etc.) implementation and governance.
• Experience with secure coding principles; code signing and secure boot.
• Experience with penetration testing and ethical hacking.
• Demonstrated ability to work with blended Agile teams, including global teams.
• Excellent communication, facilitation, and documentation skills.
• Participation in global team meetings - willing to adjust work times to accommodate Europe.