• Ensure that Spacelabs products are implemented to a high security standard that adheres to regulatory and industry standard requirements.
• Lead security initiatives and serves as Point of Contact
• Provide security guidance as Subject Matter Expert on all Spacelabs products and services.
• Work with teams to implement, identify and advance security at Spacelabs.
• Manage the security Product Requirement Documents (PRD) for the assigned Spacelabs products and/or services.
• Implement product and testing solutions in Security lab.
• Conduct product risk assessments, prioritize threats, and help develop mitigation strategies.
• Conduct security testing and audit for product software and infrastructure.
• Collaborate with the engineering team to perform regular product vulnerability assessments, secure code testing, SOUP testing and threat models.
• Conducting and/or analyzing vulnerability assessments to validate system compliance with Risk Management Framework controls and DISA Security Technical Information Guidelines (STIGS) and/or CIS Benchmarks
• Participate in and assist with the development of product documentation, security documentations and test protocols.
• Responsibility for validating and analyzing the security test results, producing summary reports and interpretation.
• Liaison with the US government for RMF activities and follow-ups
• Update and maintain Plan of Actions and Milestones (POA&M) documentation for product RMF maintenance.
• Responsible for overseeing, supporting, and documenting the secure implementation and administration of the Spacelabs AWS and EC2 cloud services.
• Manage security controls using SecureFrame (security compliance automation)
• Uphold the company’s core values of Integrity, Innovation, Accountability, and Teamwork.
• Demonstrate behavior consistent with the company’s Code of Ethics and Conduct.
• It is the responsibility of every Spacelabs Healthcare employee to report to their manager or a member of senior management any quality problems or defects for corrective action to be implemented and to avoid the recurrence of the problem.
• Duties may be modified or assigned at any time to meet the needs of the business.

• Must be a U.S. citizen or have a Permanent Resident Card (green card)
• Bachelor's degree in Computer Science, a related technical field or equivalent practical experience
• In-depth knowledge of IT concepts, strategies, and methodologies. In-depth knowledge of diverse and emerging technologies and new architectural concepts and principles.
• Knowledgeable in cloud computing environments, security infrastructure, and cloud pipeline deployment; proficient in new and emerging technologies.
• Able to demonstrate clear understanding of current cybersecurity threats to on-premises products and Cloud infrastructure and/or IT infrastructures at technical and managerial levels.
• Highly developed negotiation, consensus building & influencing skills, facilitation, and the adaptability to respond to change quickly. Highly developed oral and written communication skills; strong presentation skills.
• 10+ years of experience in IT and Cybersecurity
• Experience in web app security, vulnerability research, and security assessments
• Strong familiarity with OWASP Top 10 vulnerabilities, their discovery, exploitation and remediations
• Strong foundation in computer and network security, authentication, security protocols and applied cryptography.
• Strong English communication skills that include the capability to clearly communicate information security concepts and risks both orally and in writing.
• Adept at reading, writing, and interpreting technical documentation and procedures.
• Familiarity with networking implementations
• Skilled at working within a team-oriented, collaborative environment.
• Ability to be able to work across global time zones when the need arises.
• Must have AWS Certified Security certification.
• Strong organizational skills, attention to detail and ability to multi-task
• Ability to troubleshoot and work under minimal direction.
• Must have or be willing and able to obtain a security clearance.

• Must have or be willing and able to obtain a security certification, such as Security+, CISSP, CEH, CCSP, CCNA Security
• Experience in working in a healthcare delivery organization or a medical device manufacturer is desirable.
• 3+ years of experience working in the Product Security space, as a builder or breaker
• Cybersecurity Framework experience such as NIST 800-53, NIST 800-17, and ISO 27001 governance and compliance standards hands-on experience.
• Familiarity with at least some of the following: C, C++, Java, Python, Go, JavaScript
• Experience with implementing controls and hardening guidelines such as CIS Benchmarks or Security Technical Implementation Guidelines (STIGs) is a plus.
• Experience performing software security testing of products using software code analysis tools is a plus.
• Experience working with cryptography and Anti-Tamper design knowledge.
• Experience working with US government agencies is a plus.
• Experience working with government RMF processes such as DoD 8510.01 is a plus.

NOTICE TO THIRD PARTY AGENCIES

OSI Systems, Inc. and its subsidiaries (collectively “OSI”) does not accept unsolicited resumes from recruiters or employment agencies. If any person or entity, including a recruiter or agency, submits any information, including any resume or information regarding any potential candidate, without a signed agreement in place with OSI, OSI explicitly reserves the right to use such information, and pursue and/or hire such candidates, without any financial obligation to the person, recruiter or agency. Any unsolicited information or resumes, including those submitted directly to hiring managers, are considered and deemed to be the property of OSI.

Equal Opportunity Employer - Disability and Veterans

EEO is the Law