1 Jobs für Informationssicherheit in Schweiz
Senior Product Security Engineer (m/f/d)
Zürich, Zürich
Dentsply Sirona
Vor 7 Tagen gepostet
Job angesehen
Arbeitsbeschreibung
Dentsply Sirona is the world's largest manufacturer of professional dental products and technologies, with a 130-year history of innovation and service to the dental industry and patients worldwide. Dentsply Sirona develops, manufactures, and markets a comprehensive solutions offering including dental and oral health products as well as other consumable medical devices under a strong portfolio of world class brands. Dentsply Sirona's products provide innovative, high-quality and effective solutions to advance patient care and deliver better and safer dentistry. Dentsply Sirona's global headquarters is located in Charlotte, North Carolina, USA. The company's shares are listed in the United States on NASDAQ under the symbol XRAY.
We are looking for an experienced and talented Senior Product Security Engineer (m/f/d) to join our team. This individual will help build and enhance our Product & Solution Security (PSS) program. As a senior Product Security Engineer for our medical devices, cloud-based software, and connected solutions, you will be responsible for integrating security into the product lifecycle, ensuring regulatory compliance, and driving a security-first culture.
This is a senior technical role, reporting to the Head of Product and Solution Security, working cross-functionally with R&D, GBUs, Quality Assurance and Regulatory Affairs (QARA), Legal, Sales, IT, and engineering teams within the CTO organization. You will lead secure design reviews, threat modeling, technical code reviews, and the implementation of DevSecOps best practices, tools, and processes.
**Senior Product Security Engineer (m/f/d)**
**Your responsibilities**
· Define and maintain secure design patterns, standards, and reference architectures for all products and solutions.
· Lead threat modeling, security risk assessments, and secure architecture validation across multiple product lines.
· Perform security assessments of code, configurations, and components of complex solutions involving multiple products.
· Embed security into system and software design in collaboration with product management, engineering teams, and QARA.
· Implement and manage security tools and automation in CI/CD pipelines, driving shift-left practices.
· Develop and refine security engineering and architecture standards.
· Design and advise on technical and administrative security countermeasures to manage risk across our products and solutions.
· Ensure product security compliance with FDA, ISO 13485, IEC 62304, HIPAA, GDPR, and IEC 81001-5-1.
· Support regulatory pre-market and post-market cybersecurity compliance (e.g., FDA 510k submissions).
· Define and monitor KPIs and KRIs to track security posture improvements and incident response across our product portfolio.
· Act as a trusted advisor across product teams in the CTO organization and set standards for vulnerability remediation and secure coding.
· Drive the automation of security testing and compliance validation practices.
· Actively participate in architecture governance boards and cross-functional security initiatives.
· Promote a culture of security awareness across the organization.
· Mentor junior and mid-level engineers on secure design, engineering, and coding practices.
**Requirements and Qualifications**
**Education:**
· Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field.
**Years and Type of Experience:**
· 8+ years of experience in cybersecurity, product security, software and hardware security, and cloud security. Experience in the medical device or healthcare industry is a strong plus.
· Industry recognized certifications like CISSP, CSSLP, CCSP, OSCP, or OSCE is a strong plus.
**Key Skills, Knowledge & Capabilities:**
· Proven ability to influence product roadmaps and collaborate effectively with cross-functional teams.
· Strong project management skills, ensuring security initiatives are tracked, measured, and continuously improved.
· Deep knowledge of Secure SDLC (SSDLC) and Secure Product Development Frameworks (SPDF).
· Proven experience implementing secure SDLC practices, DevSecOps and collaborating with engineering teams.
· Proficiency with SAST, DAST, SCA, and CI/CD pipeline integration.
· Strong understanding of secure coding, testing practices, and security automation techniques.
· Knowledge of software, IoT, firmware, and hardware security.
· Experience with cloud security platforms (AWS, Azure, GCP, Alibaba).
· Solid grasp of cryptography, API security, and data protection.
· Experience with threat modeling methodologies (e.g., STRIDE, DREAD, PASTA).
#LI-AS2
Dentsply Sirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in Dentsply Sirona.
If you need assistance with completing the online application due to a disability, please send an accommodation request to ( ) . Please be sure to include "Accommodation Request" in the subject.
We are looking for an experienced and talented Senior Product Security Engineer (m/f/d) to join our team. This individual will help build and enhance our Product & Solution Security (PSS) program. As a senior Product Security Engineer for our medical devices, cloud-based software, and connected solutions, you will be responsible for integrating security into the product lifecycle, ensuring regulatory compliance, and driving a security-first culture.
This is a senior technical role, reporting to the Head of Product and Solution Security, working cross-functionally with R&D, GBUs, Quality Assurance and Regulatory Affairs (QARA), Legal, Sales, IT, and engineering teams within the CTO organization. You will lead secure design reviews, threat modeling, technical code reviews, and the implementation of DevSecOps best practices, tools, and processes.
**Senior Product Security Engineer (m/f/d)**
**Your responsibilities**
· Define and maintain secure design patterns, standards, and reference architectures for all products and solutions.
· Lead threat modeling, security risk assessments, and secure architecture validation across multiple product lines.
· Perform security assessments of code, configurations, and components of complex solutions involving multiple products.
· Embed security into system and software design in collaboration with product management, engineering teams, and QARA.
· Implement and manage security tools and automation in CI/CD pipelines, driving shift-left practices.
· Develop and refine security engineering and architecture standards.
· Design and advise on technical and administrative security countermeasures to manage risk across our products and solutions.
· Ensure product security compliance with FDA, ISO 13485, IEC 62304, HIPAA, GDPR, and IEC 81001-5-1.
· Support regulatory pre-market and post-market cybersecurity compliance (e.g., FDA 510k submissions).
· Define and monitor KPIs and KRIs to track security posture improvements and incident response across our product portfolio.
· Act as a trusted advisor across product teams in the CTO organization and set standards for vulnerability remediation and secure coding.
· Drive the automation of security testing and compliance validation practices.
· Actively participate in architecture governance boards and cross-functional security initiatives.
· Promote a culture of security awareness across the organization.
· Mentor junior and mid-level engineers on secure design, engineering, and coding practices.
**Requirements and Qualifications**
**Education:**
· Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field.
**Years and Type of Experience:**
· 8+ years of experience in cybersecurity, product security, software and hardware security, and cloud security. Experience in the medical device or healthcare industry is a strong plus.
· Industry recognized certifications like CISSP, CSSLP, CCSP, OSCP, or OSCE is a strong plus.
**Key Skills, Knowledge & Capabilities:**
· Proven ability to influence product roadmaps and collaborate effectively with cross-functional teams.
· Strong project management skills, ensuring security initiatives are tracked, measured, and continuously improved.
· Deep knowledge of Secure SDLC (SSDLC) and Secure Product Development Frameworks (SPDF).
· Proven experience implementing secure SDLC practices, DevSecOps and collaborating with engineering teams.
· Proficiency with SAST, DAST, SCA, and CI/CD pipeline integration.
· Strong understanding of secure coding, testing practices, and security automation techniques.
· Knowledge of software, IoT, firmware, and hardware security.
· Experience with cloud security platforms (AWS, Azure, GCP, Alibaba).
· Solid grasp of cryptography, API security, and data protection.
· Experience with threat modeling methodologies (e.g., STRIDE, DREAD, PASTA).
#LI-AS2
Dentsply Sirona is an Equal Opportunity/ Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, sexual orientation, disability, or protected Veteran status. We appreciate your interest in Dentsply Sirona.
If you need assistance with completing the online application due to a disability, please send an accommodation request to ( ) . Please be sure to include "Accommodation Request" in the subject.
Passt dieser Job oder ist er ein Fehlschlag?
Leider ist dieser Job in Ihrer Region nicht verfügbar
Seien Sie der Erste, der es erfährt
Über das Neueste Informationssicherheit Jobs In Schweiz !
0