Whitepaper: Dr. Rushanan explains Best Practices for Ensuring Secure… Read Now
OPEN POSITION

Senior Research Scientist, Medical Device Security Analysis

Now Hiring Experts

Job Description

Harbor Labs is currently seeking candidates for the Medical Device Security analyst position. This position reports directly to the Director of Medical Security, supporting the company’s medical device security consulting practice. Duties include providing engineering related to the cybersecurity and cybersafety requirements of medical clients seeking regulatory or professional certifications, as well as maintaining an ongoing security awareness of client devices post engagement.

Typical Activities Include:

  • Perform manual and automated firmware analysis on target devices
  • Perform pen tests, fuzzing and custom exploit attacks against client medical systems
  • Review deployment architectures, topologies and conops for compliance with regulatory security mandates
  • Produce security reports suitable for submission to regulatory bodies

Education:

Preferred education level: Bachelor’s degree in Computer Science, Computer Engineering or related fields. Graduate degree is desirable.

Required Qualifications:

  • 3+ years of experience performing software or networking security analyses
  • 2+ years of experience with exploitation tools, such as Kali Linux, Burp, Nmap, Wireshark, Nessus, Metasploit, Core Impact, and Cobalt Strike, WebInspect, AppDetective, Hailstorm, Aircracking, and Kismet
  • Familiarity with medical equipment, associated software and common deployment models.
  • Ability to clearly convey results in formal technical reports and deliver briefings to senior client staff
  • Strong technical communication and leadership skills to lead investigations with engineers of multiple disciplines
  • Ability to work well with internal technical staff and external customers and technology partners

Preferred Additional Qualifications:

  • Knowledge of medical equipment cyber security principles and documentation
  • UL 2900-2-1 Requirements
  • MDS2
  • Patch validation
  • FDA OS patch regulations
  • FDA reporting
  • ICS-CERT reports
  • Knowledge of PHI handling and HIPAA requirements

Apply Now

Qualified candidates who may only meet a subset of these qualifications are nonetheless encouraged to submit their resumes for consideration.

Please fill out the form and we’ll get back to you shortly.

Accepted file types: pdf, doc, docx, txt, rtf, Max. file size: 10 MB.