Software Cybersecurity Engineer IV

***Work Schedule: Hybrid schedule, Monday through Thursday. Required in-office days: Tuesday and Wednesday. Remote flexibility on Monday and Thursday (based on business needs), Fridays off.

We're seeking a talented Software Cybersecurity Engineer IV to lead the design, development, and implementation of cutting-edge cybersecurity controls for embedded medical devices. We're looking for a seasoned expert with a deep understanding of the software lifecycle process and experience guiding software engineers in breaking down requirements into product features and architecture.

As a key collaborator between product security and software engineering teams, you'll ensure compliance with regulatory requirements, industry standards, and our company's strict cybersecurity guidelines. You'll leverage your expertise in programming languages like C, C++, Python, and use Linux to create secure systems, and your knowledge of networking and embedded systems will be invaluable.

Key Responsibilities:

• Lead cybersecurity control design, development, and implementation for medical devices
• Deep understanding of Software Lifecycle processes from initial conception to maintenance. Being able to design and create protypes.
• Strong experience with writing code, production code and rolling it out to the customer - being hands on throughout the coding process
• Object-oriented programming, cloud solutions, and related cybersecurity concerns
• Conduct threat modeling, risk assessments, and vulnerability analyses
• Collaborate with cross-functional teams to integrate security measures into the product development lifecycle
• Define and implement cybersecurity testing plans, including penetration testing and design reviews
• Stay up-to-date with the latest cybersecurity trends, threats, and technologies

Requirements:

• 8+ years of relevant work experience in cybersecurity and software lifecycle
• Bachelor's or Master's degree in Computer Science, Software Engineering, or a related field
• Cybersecurity certifications (CISSP, HCISSP, CEH, CISM, CIMP, etc.)
• Expert understanding of computer networks, embedded systems, and cybersecurity principles
• Strong knowledge of C/C++, Linux, and Real-Time Operating Systems
• Excellent written and verbal communication skills

Preferred Qualifications:

• 10+ years of relevant work experience
• Knowledge of medical device quality systems regulations and standards (e.g., US FDA Quality Systems Regulations 21CFR Part 820, ISO 13485)
• Experience with object-oriented programming, cloud solutions, and related cybersecurity concerns
• Ability to lead agile teams and mentor developers and peers on cybersecurity practices

What We Offer:

• A dynamic and collaborative work environment
• Opportunities for professional growth and development
• A chance to make a meaningful impact in the medical device industry

Who We Are:

KARL STORZ is an independent, family-owned company headquartered in Germany’s renowned MedTech manufacturing region. For 80 years, we've pioneered the most groundbreaking innovations in endoscopic surgery, video imaging, and OR integration to benefit patients and healthcare providers alike. 

With more than 9,000 associates worldwide and 2,600 in the US, we pride ourselves on harnessing cutting-edge technology, precise workmanship, and unrivaled customer support to help healthcare facilities succeed. With onsite locations and field opportunities across the country, we attract a diverse and talented staff.  It's not just about the tools we create—it’s about the lives we change, together.