Global Software Security Engineer SD&I Immuno
DiaSorin
Global Software Security Engineer SD&I Immuno
Diasorin is a global leader in diagnostic solutions, pushing the boundaries of science and technology to create cutting-edge tools that improve healthcare worldwide. With a legacy spanning over 50 years, we've earned our reputation for excellence by developing innovative diagnostic assays and instruments that are trusted by healthcare providers around the world.
Our broad offering of diagnostic tests and Licensed Technology solutions, made available thanks to ongoing investments in research, positions us as the player with the widest range of specialty solutions in the sector and identifies us as the "Diagnostics Specialist."
Why Join Diasorin?
Impactful Work: When you join Diasorin, you become part of a team that's dedicated to improving lives. Your contributions will directly impact patient care, making a meaningful difference in the world.
Global Reach & Innovation: Our work transcends borders. Joining Diasorin means collaborating with colleagues from all over the world, expanding your horizons, and contributing to global healthcare solutions at the forefront of the diagnostic industry.
Diverse and Inclusive Culture: We believe in the strength of diversity, and our inclusive culture reflects this commitment. We value your unique perspective and offer a supportive, collaborative environment where everyone can thrive.
Join Our Team: If you're passionate about innovation, diversity, and making a positive impact on healthcare, Diasorin is the place for you. We're looking for passionate and talented individuals who are ready to embrace new challenges and drive healthcare solutions forward.
Are you ready to be part of a dynamic team that's shaping the future of diagnostics? Join Diasorin and become a catalyst for change in the world of healthcare. Apply today and be a part of our exciting journey toward a healthier, more connected world. Together, we can make an impact!
Job Scope
The Global Software Security Engineer will provide valuable technical, operational and documentary contributions to the Team in accomplishing software design and test activities related to the secure development of new instruments and the improvement of existing ones. You will contribute with a professional, quality-driven, and proactive attitude, with the goal of building solid corporate know-how and delivering the highest product and service quality to DiaSorin customers.
Key Duties and Responsibilities
Define, review and update software security requirements (high-level and low-level) deriving from higher level requirements, from market feedback or from regulatory requirements
Review the associated software specifications
Manage periodic security activities such as vulnerability scans, penetration testing, and SBOM vulnerability monitoring, including their review and integration into the security framework of the managed devices.
Manage the editing and review of internal security software testing plans and support their execution.
Contribute to the implementation and release process of software security updates.
Manage, in collaboration with third-party partners when required, the assessment of security findings and security information requests from the field.
Contribute to communicating with notified bodies and agencies (e.g. US FDA) the outcome of software security activities and respond to the incoming responses.
Interact with other development areas within the Team, with Project Management and Device Lead, as per the joint development/improvement tasks
Contribute actively to troubleshooting and bug fixing activities.
Interact with other Company functions to provide team's know-how and support problem solving activities.
Ensure compliance with the Code of Ethics, the Quality Management System, the Company Policies and the Corporate Procedures
Education, Experience, and Qualifications
Master's Degree in Computer Science, Engineering, Physics, Informatics, Mathematics
Previous experience in a similar role is highly appreciated
Experience: Previous experience in IVD (In Vitro Diagnostics) and/or highly regulated FDA environments and biotechnology industry experience is highly appreciated
Technical Competencies:
Knowledge of the SW Life cycle (EN 62304).
Knowledge of cybersecurity principles and best practices.
Knowledge of cybersecurity capabilities, including authentication, authorization, node authentication, auditing, system hardening, and data integrity.
Understanding of security requirements for protocols used in connected devices.
Knowledge of, or willingness to learn, security testing such as vulnerability scanning, penetration testing, fuzz testing, and SAST/DAST.
Knowledge of, or willingness to learn, threat modeling methodologies (e.g. STRIDE, PASTA, TARA, attack trees)
Knowledge of software security as per FDA Cybersecurity Guidance and EU MDR cybersecurity expectations is desirable.
Knowledge of GMP (Good Manufacturing Practice) is desirable.
Knowledge of cloud solutions, remote desktop solutions, AI and Machine Learning is desirable
Knowledge of requirements engineering approach (nice to have)• Good use of Microsoft Office suite
Basic level of programming skills (nice to have).
Skills:
- Accuracy and comprehension of technical issues
- High problem-solving and decision-making capabilities
- Ability to identify security attack surfaces and misuse cases for connected devices
- Effective analytical skills
- Interdisciplinary thinking and high-quality awareness
- Well organized with the ability to work independently and as part of a team
- High commitment and willingness to learn
- Positive, proactive and open-minded attitude
- Focus on results
- Requested competencies and skills may vary depending on seniority
Languages:
Fluent spoken and written Italian and English
Travel availability:
Travels may be required
What we offer:
Receive a competitive salary and benefits package as you grow your career at DiaSorin. Join our team and discover how your work can impact the lives of people all over the world.
HYBRID WORK