Cyber Security Scala Information Security Analyst Sunnyvale, CA (Remote for now) 6-8 months project or OPT candidate (or other visas that allows us to represent them as our W2 emps) are encouraged to apply NO C2C They must have: Three or more years' experience, with medical device, ICS/SCADA or embedded system experience Title: Sr. Product Security Engineer (Contract) Dept: Engineering, Product Security Reports To: Director, Engineering Product Security Joining Intuitive Surgical means joining a team dedicated to using technology to benefit patients by improving surgical efficacy and decreasing surgical invasiveness, with patient safety as our highest priority. The Engineering Product Security Team is responsible for the secure-by-design aspects of hardware and software products, infrastructure and cloud services that collect and analyze medical device machine data from thousands of systems deployed world-wide. The ideal candidate for the contract position of Sr. Product Security Engineer will have a proven background in Cyber Risk Analysis / Threat Modeling in a high-trust environment (security clearance) or similar experience in medical devices or industrial control systems. This position requires a candidate with strong technical and interpersonal skills, the ability to work effectively and collaboratively with the business and peer Engineering teams to deliver high quality solutions that ensure patient safety. Roles and Responsibilities: Work with the CS Team project lead to perform cyber risk / cyber threat analysis for a client-server product line involving medical devices and document the results Work extensively with technical architects and development teams to document product specific cybersecurity architectures. Track the cybersecurity documentation to ensure regulatory compliance (EU-MDR, US-FDA, CN-NMPA) and adherence to best practices standards. Decompose cybersecurity architecture(s) into components with cyber risk Perform Information System security controls assessments and audits Participate in design of policies to improve the robustness and defense-in-depth for product lines Other duties as assigned Competency Requirements: In order to adequately perform the responsibilities of this position the individual must possess: Three or more years' experience, with medical device, ICS/SCADA or embedded system experience highly desirable BS/BA required; MS highly desirable along with demonstration of sophisticated and logical thought processes. CAP, CISA, CISSP, GCIA, GIAC, GISF, GSEC, SSCP or equivalent certification required. Attention to detail in the preparation of highly technical documentation including risk analysis. Experience or background in Information Technology compliance in a healthcare, manufacturing or financial industry highly beneficial. Extensive knowledge of TCP/IP, SSL/TLS, HTTP, switching and routing, Windows & Linux OS, Relational SQL databases Experience with Splunk, Syslog, Nessus, nMap, firewalls, SIEM Strong analytic skills as proven by a track record of analyzing and fixing complex problems in products and processes. Excellent judgment in the presence of competing priorities and incomplete data; proven ability to make difficult trade-offs with good judgment. Ability to present and whiteboard technical architectures and workflows Travel: None anticipated. Job location: remote (Pacific Time workday).