Sr. Staff Product Security Engineer (Telford, PA) Job at Draeger Medical Systems, Inc.
Telford
Full-time
The Job Responsibilities
We’re hiring! If you want your contributions to make a real difference, check out this new career opportunity with us at Draeger where we are led by the guiding principle “Technology for Life”.
In this role you will:
- Lead product threat modeling and assessment activities, leading towards a Common Vulnerability Scoring System (CVSS) score.
- Work with the Risk Assessment organization to assess system risk of items identified during threat modeling, creating system hazard requirements as required per process based on this assessment activity.
- Responsible for Draeger compliance with the latest DoD Security Technical Implementation Guides (STIGs) via monthly Nessus vulnerability scanning to maintain DoD RMF certification for Draeger RMF qualified products.
- Design, develop, test, and maintain Penetration, Fuzz testing, and other vulnerability testing tools for the purpose of evaluating the cybersecurity readiness of Draeger products.
- Responsible for creating, updating, and posting Manufacturer Disclosure Statements for Medical Device Security (MDS2) and other required customer facing documents as required per Draeger cybersecurity processes.
- Responsible for the per-process periodic review of the Software Bill of Materials (SBOM), looking for newer versions of listed software items that need to be evaluated for cybersecurity vulnerability fixes and scored using the CVSS method. All results shall be documented per process and will be used as input to system risk analysis.
- Responsible for creating, releasing, and publishing Cybersecurity Advisories to Draeger customer facing web site to meet required regulatory agency disclosure rules and internal Draeger cybersecurity processes.
- Participate in post market release team reviews of cybersecurity field complaints, providing guidance on severity and probability scoring for each identified vulnerability, setting priority order on items that need to be fixed/resolved.
- Create and release all Draeger process required cybersecurity program documents. These documents will be stored in the design history file of the product as proof of compliance to process.
- Performs other duties as needed and assigned.
Your Qualifications
Education: BS Cybersecurity, Computer Science or other technically related field; MS Cybersecurity or Computer Science preferred.
Qualifications:
- 5-10 years of practical application security work experience, preferably including some or all of the following: source code auditing, penetration testing, product assessments, vulnerability research, reverse engineering, and related pursuits.
- 5 years of practical software development experience - C/C++, Python, JavaScript
- Experience using the Microsoft Threat Modeling tool
- Working knowledge of DoD STIGs
The Dräger Workplace
This role is based out of our Telford, PA facility which offers its employees beautiful walking trails, onsite fitness center with yoga and fitness training classes, self-service café with a large indoor/outdoor gathering space, and a state-of-the-art Design Center. Telford is our US manufacturing site for the Neonatal product line as well as production support for Dräger’s Safety products. This location also serves as the key site for essential US functions which includes Medical Sales and Service Management, Medical Marketing, Legal, Compliance, Regulatory, Quality and Finance.
In North America, Draeger employs over 1,400 employees working in our major sites in the United States and Canada (in the US: Andover, MA; Telford, PA; Houston, TX, and in Canada: Mississauga, ON), including our Sales and Service workforce employees from coast to coast.
EEO is the Law
Draeger is an Equal Opportunity Employer. To learn more: Know Your Rights: Workplace Discrimination is Illegal (dol.gov)
Equal Opportunity Employer – Disability and Veteran
Who we are
Draeger is a leading international company in the fields of medical and safety technology. Whether in clinical applications, in industry, mining or emergency services: Draeger products protect, support and save lives. That's what our more than 15,000 employees have been striving for - every day for more than 130 years. Dräger - Technology for Life ®
What we offer
- Health Insurance
- Professional development opportunities and coaching
- Flexible working time
- Company sports and prevention courses
- Health center and gym
- Contributions to (occupational) pension plans
- Retirement savings
If you have any questions, please contact
Gwendolyn Zappala
Gwendolyn.zappala.contractor@Draeger.com