Cyber Security Engineer


We are one of the largest and most prestigious pharma companies in the world, that has been in business for over 100 years and is still growing. We have invested very heavily in both our DevOps and our Cyber Security teams, and are looking to grow those teams by hiring several consultants.  This will be a FULLY REMOTE 6-month contract with potential for extension. We are looking to hire a Senior Cyber Security Engineer to work within our DevSecOps and Product Divisions.

What will the Senior Cyber Security Engineer (Product) Do?

End-to-end activities that belong to the secure software development lifecycle for
our products.

  • Defining adequate cyber security mitigations, identifying threats, assessing risks, defining security testing methods and scope, and tracking remediation actions of security findings during development.

  • Conduct planning and execution of 3rd party review activities (Verification &
    Validation) related to Cybersecurity and Software Architecture.

  • Proactively identify flaws in our product security, assess patient safety and
    business risk, and advise product managers on remediation steps.

  • Advise product teams to plan and implement adequate cybersecurity maintenance
    activities throughout the product's lifecycle.
  • Support development and maintenance of processes and tools for threat modeling,
    cybersecurity risk assessment, and security testing with penetration testing tools, like Kali
    Linux, OWASP ZAP, Nessus, and others.

    Which Skills are we looking for in a Senior Cyber Security Engineer (Product)?

    Minimum 5 years of related work experience in product security, with demonstrated
    experiences in areas such as:
  • SDLC in Software Development, Network technology, Cryptography, Cloud
    computing technologies, and DevSecOps methodologies.
  • Threat modeling, attack surface analysis, risk management, security testing,
    penetration testing and remediation activities.
  • Security by design and default concepts, OS hardening
  • System and cloud infrastructure hardening and monitoring
  • Preferable certifications: CISSP
  • Working knowledge of security controls, guidelines, and standards (ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOC 2, and NIST)
    Good understanding of privacy and data protection regulations (e.g., HIPAA, EU GDPR)

What's in it for the right Senior Cyber Security Engineer (Product)?

  • $95-100 per hour consulting rate
  • A minimum of a 6-month project
  • A great leadership staff that cares about its employees and contractors
Alex Dubovoy

EVP of Customer Relations, Executive Technology Recruiter

(646) 536-3319