Senior Security Analyst - MedTech
Chicago, IL

Job Description

Overview

Are you passionate about cyber and security challenges in medical devices, systems and software including clinical environments, associated with threats and vulnerabilities? Are you looking for an enriching experience to build your career and brand?

UL is looking for you if you're seeking a cutting edge career in Medtech Cyber Security and Interoperability as it pertains to patient safety. We're leading the way in establishing digital health requirements and testing activities and are looking to hire team members to join this exciting new group within our organization!

The Senior Cyber Security and Systems Interoperability Analyst will partner with the senior technical team and management in developing and building industry adopted technical requirements, programs, and processes to maintain UL as the highest quality provider for cybersecurity services in Digital Health. Perceived as both the customer's and internal security team's trusted advisor. Conduct advanced penetration tests, exploitation of medical devices and systems, to identify potential areas of vulnerabilities in a large range of domains

Responsibilities

* Conducts security assessments using automated and ad-hoc tools with manual assessment and exploitation as needed.
* Conducts penetration testing against medical devices, software as medical devices and electronic health records software platforms.
* Conducts, documents and communicates risk assessments used in the development of specific threat analysis and security countermeasures
* Coordinates the reporting of performance against initiatives, objectives, and milestones, assuring timely submittal and progress
* Develops and delivers periodic lectures, training, and briefings to all levels of management and clients around industry adopted cybersecurity best practices
* Supports our clients in assessing and training on risks associated with weaknesses found in their products and systems.
* Demonstrates a high level of technical writing proficiency enabling the creation of required information security documentation, technical reports, and formal papers on test findings and complete requests in accordance with requirements.
* Executes and oversees customer engagements to the defined requirements in the timeframe required by customers with the highest quality and integrity of work.
* Supports the digital health team in building and improving UL's assurance programs and services focusing on healthcare and wellness systems with a focus on security, safety and interoperability.

Qualifications

* University degree (Bachelor's degree or higher) in Computer Science or a related discipline commensurate with five years' experience in security
* Experience with cybersecurity testing of medical devices and software to identify weaknesses and flaws. Demonstrated vulnerability research and publishing a plus.
* Experience with leading client engagements from conception to close with exposure to various project management frameworks, methodologies, and tools.
* Experience with software development life cycle security, fuzzing, software composition analysis, firmware analysis, reverse engineering, and static and dynamic analysis.
* Experience with security involving wireless, radio, and cellular communications.
* Hands-on experience with commercial and open source security solutions such as: AppSpider, Burp Suite Pro, Metasploit , Nexpose, Nessus, Kali Linux, Open source security tools.
* Deep understanding of security issues on various operating systems, web and mobile applications, network components, embedded systems, and databases.
* Understanding of electronics theory and experience with practical application.
* Understanding of processor architectures for development and reverse engineering.
* Development experience with a variety of programming or scripting languages.
* Security related certifications will be considered: CEH, CISSP, GIAC, OSCP, OSCE