Product Security Architect
3 days ago
Job DescriptionJob Description
WHO ARE WE?
Endotronix is a medical device company that aims to transform the treatment of heart failure, a chronic, progressive condition in which the heart is unable to pump enough blood to support the body. Our Cordella Heart Failure System (CHFS) includes proactive management tools for best practice care and detection of worsening heart failure. These easy-to-use tools improve patient quality of life and help to reduce hospital admissions thereby reducing health care costs. With our recent PMA approval from the FDA and acquisition by Edwards Lifesciences, we are growing our team – it’s a great time to join Endotronix
WHAT YOU’LL DO
The Product Security Architect will report to Product Security leader in the Global Information Security organization. The role will serve as a key member of the Product Security team and serve as an expert security advisor and partner to the Software Development, Cloud, Quality, Regulatory, Verification and Validation teams. As a technical leader, this individual will be responsible for providing secure designs, solutions, and guidance to ensure that Endotronix’s products and operational frameworks are inherently secure, compliant, and adaptive to the dynamic nature of security threats. This person will also be integral to the Endotronix Secure Development Lifecycle, ensuring that security is embedded into the fabric of Endotronix’s suite of products. This is an onsite or hybrid position based in Naperville, Illinois. Your responsibilities will include:
- Apply Product Security experience and expertise to execute the Product Security strategy for Endotronix medical products, ensuring alignment with business objectives and regulatory requirements.
- Maintain expertise in the regulatory landscape, including FDA, NMPA, EU MDR, and cybersecurity laws, to guide product compliance.
- Ensure that Product Security complies with the evolving regulatory environment, particularly in the context of HITRUST governance.
- Collaborate with cross-functional teams to embed security best practices throughout the product lifecycle, from development to manufacturing, to safeguard products and ensure they align with legal, privacy, and regulatory standards.
- Develop Product Security requirements, threat models, secure designs, and secure software development guidance for regulated medical device products that may include embedded systems, on-prem enterprise systems and services, and cloud-based services distributed across multiple organizations and customers.
- Perform software code level reviews and testing.
- Develop and maintain a SecDevOps program and services to ensure security functions and controls are embedded in development and delivery pipelines.
- Perform vulnerability management for in-house and 3rd party components.
- Perform product risk assessments to identify risks and remediation options to address key security risks in alignment with regulatory and ethical considerations.
- Support Product Security engagements with external stakeholders and regulatory agencies.
- Stay informed about emerging security technologies and assess their relevance to a highly regulated medical device industry.
- Keep abreast of new security threats and continuously refine security practices to mitigate risks.
- Help advance and mature the Secure Software Development Lifecycle, ensuring consistent adoption across product teams and alignment to Endotronix Quality Management System.
- Enhance security tooling, automation, and processes to streamline how product teams address security.
WHAT YOU BRING TO THE TABLE
- A solid foundation of at least ten years in Information Technology and Product Security, including, at least, three years of Product Security architecture in a regulated environment.
- Strong experience designing, implementing, and automating cloud- and cloud-enabled services and solutions in cloud environments, including AWS.
- Strong understanding of AWS IAM, Microsoft Entra ID, and Cloud IAM solutions for securing both cloud- and custom resources.
- Strong experience integrating and managing security services in a SecDevOps framework.
- Experience with both connected and disconnected products, secure software development lifecycle, risk mitigation strategies, threat modeling, and vendor supply chain security.
- Proven ability to design and manage secure network architectures, including Virtual Private Clouds, subnets, and security groups.
- Deep understanding of the Design Control process, ensuring that all product design and development is conducted in accordance with pertinent Quality System Regulations and international standards.
- In-depth understanding of AWS Key Management Service, CloudHSM, Certificate Manager and data encryption techniques.
- Extensive knowledge of AWS logging and monitoring solutions, including CloudTrail, AWS Config, and Amazon CloudWatch.
- Comprehensive understanding of AWS serverless resources and their security implications.
- Prior experience in securing APIs using AWS API Gateway, Web Application Firewalls (WAF), and custom implementations.
- Strong understanding of the AWS and Azure Well-Architected Framework, with a focus on the Security Pillar.
- Experience navigating and executing Product Security requirements with 510(k), De Novo and PMA-regulated products.
- Experience with and working knowledge of regulatory requirements (FDA, NMPA, EU MDR, NIST CSF, NIST 800-53, etc.).
- Excellent written and verbal communication skills for a wide variety of audiences, with the ability to influence and drive decisions both within the organization and in external engagements.
EDUCATION
- Bachelor’s degree in Cybersecurity, Computer Science, Computer Engineering or related field; or equivalent experience.
- Certifications such as CISSP, CISM, CSSLP, GIAC, MCSE, CCSP or equivalent are .
WHO YOU ARE
- Relentlessly focused on data and hypothesis driven decision making to create the best experiences for ETX patients and customers
- Someone with a bias for action and quick iteration as opposed to perfection
- A quick learner, who is able to work independently, multitask, and drive your own projects
- An effective communicator and collaborator who can synthesize insights from multiple stakeholders across business functions to deliver purpose-built insights, models and tools that provide easily interpretable and actionable results
- A team player who can inspire teams to deliver together, embodying the idea that the whole is greater than the sum of the parts
- Passionate about digital healthcare and leveraging Data to deliver innovative solutions at scale
WHAT WE’RE LIKE
- Willing to have the “direct and honest conversation”. Not afraid to confront the facts (or be confronted) and develop a plan to move forward.
- Competitive spirit and drive to win. Strong sense of initiative, internal motivation, and an unrelenting focus on results.
- Openness to feedback and coaching with a strong towards continual learning and improvement. Ability to solicit, accept and provide direct feedback without defensiveness.
- Capacity to function in a highly complex company with ease and fluidity, while driving and influencing results.
- Entrepreneurial, flexible, yet results focused.
- High degree of intellectual curiosity, honesty, and capability.
- Low ego and humble in spirit in spite of your track record of outstanding performance.
LIFE AT ENDOTRONIX
- Our shared company values create a foundation of trust and collaboration. United in a common purpose, we excel at the task at hand to provide best-in-class medical technology and customer service to our patients and clinicians. And along the way we make sure to have a little fun, continue to grow and celebrate our successes.
- We provide a competitive compensation package, comprehensive benefits including unlimited PTO, and an environment that will help you to thrive and succeed in your career.
- Endotronix is an equal opportunity employer, and we are committed to providing equal employment opportunities to all persons without regard to , creed, , , , , marital status, citizenship status, , veteran status, or . We are passionately committed to building a diverse organization where all perspectives and cultures are celebrated.
-
Product Security Architect
10 hours ago
Naperville, Illinois, United States Endotronix Full timeAbout This RoleWe are seeking a highly skilled Product Security Architect to join our team at Endotronix. As a Product Security Architect, you will be responsible for ensuring the security of our medical devices and systems.Key ResponsibilitiesDevelop and maintain secure software development lifecycle processes and procedures.Collaborate with...
-
Product Security Architect
3 days ago
Naperville, United States Endotronix Full timeWHO ARE WE? Endotronix is a medical device company that aims to transform the treatment of heart failure, a chronic, progressive condition in which the heart is unable to pump enough blood to support the body. Our Cordella Heart Failure System (CHFS) includes proactive management tools for best practice care and detection of worsening heart failure. These...
-
Senior Cloud Security Architect
3 weeks ago
Naperville, Illinois, United States Endotronix, Inc Full timeJob OverviewEndotronix, Inc is a medical device company that aims to transform the treatment of heart failure by developing innovative solutions. We are looking for a Senior Cloud Security Architect to join our team in Naperville, Illinois.About the RoleThe successful candidate will report to the Product Security leader in the Global Information Security...
-
Cloud Security Architect
3 weeks ago
Naperville, United States Alltech Consulting Services Inc Full timeAbout Alltech Consulting Services IncWe are a leading consulting firm that helps organizations achieve their goals by providing top-notch security solutions.Salary and BenefitsThe estimated salary for this position is $120,000 - $180,000 per year, depending on experience. Our comprehensive benefits package includes medical, dental, and vision coverage,...
-
AWS Solution Architect
2 months ago
Naperville, United States Futran Tech Solutions Pvt. Ltd. Full timePosition: AWS Solution Architect Location: Naperville, IL (Onsite Role) We are looking for AWS Solution Architect with FIS Product, Deposits and Lending domain experience. Minimum experience should be 15 years. Profiles without FIS and Deposit experience will not be considered. If your consultant has experience on it and doesn't mention in the resume, then...
-
Cybersecurity Architect Lead
1 week ago
Naperville, Illinois, United States VILLA-TECH INC. Full timeJob OverviewVILLA-TECH INC. is seeking an experienced Cybersecurity Architect Lead to join our team. As a key member of our security team, you will be responsible for designing and implementing comprehensive security solutions to protect our cloud and container environments.About the RoleThe successful candidate will have a strong background in computer...
-
Senior Salesforce Cloud Architect
2 weeks ago
Naperville, Illinois, United States smart folks inc Full timeWe are seeking a highly skilled Salesforce Cloud Architect to join our team at Smart Folks Inc. in Naperville IL or NJ.Job DescriptionAs a key member of our team, you will be responsible for designing and implementing scalable, secure, and efficient Salesforce solutions that meet the evolving needs of our business.This role requires a deep understanding of...
-
Jr. Systems Architect
3 weeks ago
Naperville, United States Nokia Full timeJob Description The candidate in this role will be required to work with Nokia R&D members (CTO, other IMS products systems engineers/architects, product owners, software engineers) as well as product line managers (PLMs) and customer support teams to define, design and deliver SBC product capabilities for both telecom and enterprise markets. **Due to NSA...
-
AWS Solution Architect with Open Banking
2 months ago
Naperville, United States Futran Tech Solutions Pvt. Ltd. Full timeWe are looking for AWS Solution Architect with Open Banking experience. This is an onsite role in Naperville, IL. Minimum experience should be 15 years. Please lookout for those candidates who has done couple of recent banking projects and has experience in External API's and "ISO 20022" Profiles without recent banking, external API's, and ISO 20022...
-
Solutions Architect
2 months ago
naperville, United States Planet Technology Full timeDirect Hire/PermLocation - Naperville, IL - 3 days onsite Must be legally authorized on an unrestricted basis (US Citizen, Legal Permanent Resident, Refugee or Asylee) to be employed in the United States. Client does not anticipate providing employment related work sponsorship for this position (e.g., H-1B status)CPQ Solutions ArchitectThe CPQ (Configure,...
-
Solutions Architect
2 months ago
naperville, United States Planet Technology Full timeDirect Hire/PermLocation - Naperville, IL - 3 days onsite Must be legally authorized on an unrestricted basis (US Citizen, Legal Permanent Resident, Refugee or Asylee) to be employed in the United States. Client does not anticipate providing employment related work sponsorship for this position (e.g., H-1B status)CPQ Solutions ArchitectThe CPQ (Configure,...
-
Solutions Architect
2 months ago
Naperville, United States Planet Technology Full timeDirect Hire/PermLocation - Naperville, IL - 3 days onsite Must be legally authorized on an unrestricted basis (US Citizen, Legal Permanent Resident, Refugee or Asylee) to be employed in the United States. Client does not anticipate providing employment related work sponsorship for this position (e.g., H-1B status)CPQ Solutions ArchitectThe CPQ (Configure,...
-
Software Architect
2 weeks ago
Naperville, United States Nokia Full timeFamily Description Applied R&D (AR) consists of target-oriented research either with the goal of solving a particular problem / answering a specific question or for multi-discipline design, development, and implementation of hardware, software, and systems including maintenance support. Supplies techno-economic consulting to clients. AR work is characterised...
-
Software Architect
2 weeks ago
Naperville, United States Nokia Full timeJob DescriptionFamily Description Applied R&D (AR) consists of target-oriented research either with the goal of solving a particular problem / answering a specific question or for multi-discipline design, development, and implementation of hardware, software, and systems including maintenance support. Supplies techno-economic consulting to clients. AR work...
-
Cloud Data Architect Lead
3 weeks ago
Naperville, Illinois, United States Kellanova Full timeAbout KellanovaKellanova is a global leader in the snacks industry, with a portfolio of iconic brands including Pringles, Cheez-It, Pop-Tarts, and more.We are driven by our vision to be the world's best-performing snacks-led powerhouse, unleashing the full potential of our differentiated brands and passionate people.CompensationThe estimated annual salary...
-
Senior Software Engineer
3 weeks ago
Naperville, Illinois, United States Endotronix, Inc Full timeJob DescriptionWe are seeking an experienced Senior Software Engineer to join our team at Endotronix, Inc. in Naperville, Illinois.About the RoleThis is a hybrid position that requires strong technical expertise and excellent communication skills. As a Senior Software Engineer, you will be responsible for leading software development projects from concept to...
-
Chief Information Security Strategist
3 weeks ago
Naperville, Illinois, United States Endotronix, Inc Full timeTransformative Product Security Leader SoughtWe are Endotronix, Inc., a pioneering medical device company dedicated to revolutionizing heart failure treatment. As we expand our team, we are seeking an exceptional Director of Product Security to lead our product security strategy and safeguard the security and integrity of our innovative medical products.The...
-
Lead Security Engineer
3 weeks ago
Naperville, United States VILLA-TECH INC. Full timeJob DescriptionJob DescriptionResponsibilities:· Design and develop and implement security solutions· Design and develop security testing scenarios;· Monitor threats· Use a combination of manual and automated techniques to assess risks and circumvent security mechanisms of devices and applications;· Analyze and present results of testing to team...
-
naperville, United States Insight Global Full timeMust Haves: Bachelor's degree in Computer Science, Information Technology, or related field.5+ years of experience in software development, integration, software engineering or related roles.Experience in architecting mobile applications and adhering to the requirements of mobile applications a plus.3+ years of experience managing teams.Knowledge of...
-
Information Technology Engineering Manager
7 days ago
Naperville, United States Insight Global Full timeMust Haves: Bachelor's degree in Computer Science, Information Technology, or related field.5+ years of experience in software development, integration, software engineering or related roles.Experience in architecting mobile applications and adhering to the requirements of mobile applications a plus.3+ years of experience managing teams.Knowledge of...