Who we areAt Leica Biosystems our promise is to enable clinicians to efficiently provide patients a highly confident diagnosis within 24 hours of biopsy. We offer the most comprehensive portfolio that spans the entire cancer diagnosis workflow from biopsy to diagnosis. Our experts are committed to delivering Improved Quality, Integrated Solutions, and Optimized Efficiencies leading to breakthrough advances in diagnostic confidence and turnaround time.Every day we embrace new ways of thinking and work closely together to deliver innovative technologies, to ensure we remain at the forefront of our industry. And we believe that our people around the world play the most important role in helping our customers find success.The RoleThis is a new role in the research & development group. As part of the product development team, you will provide hands-on guidance of the implementation of privacy and security controls throughout our product lines. You will roll out and champion cybersecurity processes and practices across the organisation. Your goal is to ensure we have privacy by design and security by default. You will review product designs for vulnerabilities, participate in threat modeling, and help teams execute scans and penetration tests. You will work with teams to implement roadmaps for continuing security improvements. To accomplish all of this, you’ll need to build a deep understanding of our organisation, products and their markets.Reporting to the Senior Manager, R&D Systems Engineering & Architecture, your key responsibilities will include, and not limited to:Establish and drive product security risk assessment activitiesActs as a domain specialist during threat modeling and security design activities.Review and give feedback on product privacy and security designs.Tracks the plans, timelines, and implementations of required security controls across all product lines.Ensure software bills of materials are crafted, maintained, and monitored for vulnerabilities.Support teams in performaing static analysis, dynamic analysis, penetration tests, and attack drills to test efficiency of security controls, then assists teams in understanding the results.Guide systems hardening activities in accordance with CIS benchmarks.Maintains a working relationship with privacy and security teams throughout our broader company.Monitor trends in privacy and security, then distribute that knowledge and updates roadmaps.Support tender responses to answer customer questions related to security.Develop and enhance organisational cybersecurity processes including risk management, vulnerability management, incident response handling, third party governance and data santisation.Be the primary contact within R&D to respond to new vulnerabilities and security incidents.Participate in threat intelligence organisations (ISAO)To be successful in this opportunity, a prior experience in the following criteria would be required:Graduate or post-graduate qualification in computer science, software engineering or similar10+ years experience in software engineering or related discipline including 5+ years in information securityStrong understanding of cryptography, PKI, authentication, authorisation and other security related disciplines.Experienced in securing distributable products (rather than services) on the following platforms:Microsoft Windows, Linux OS and Embedded RTOSC#, .Net/.Net Core, C++Demonstrated architectural design capability – you must possess an ability to explain security best practices and define pragmatic solutions.Clear, coherent and structured written communication, including visual representationAbility to adapt to different projects and products working both strategically (high level) and tactically (low level within software development teams)Experience implementing and rolling out cybersecurity processes and practices in an organisationWillingness for occasional travelHighly Desirable:Any of the following experience will be highly regarded:Cybersecurity certifications (e.g. HCISSP, CISSP, CRISC)Experience with healthcare / medical device cybersecurity standards (CLSI AUTO11-A2, AAMI TIR57, AAMI TIR97, NIST Cybersecurity Framework, etc)Strong knowledge of global privacy regulations (GDPR, HIPAA, etc)Broad experience covering different technologies and application domainsTo Apply:You must be an Australian citizen or a holder of a Permanent Residency visa to be eligible to apply for this position.This is an exciting opportunity to be a part of Leica Biosystems and its ongoing success. So if you want a career where you can use your deep expertise to deliver real results, talk to us first.Please apply for this position by submitting your confidential application online.Applicants must submit a cover letter explaining their interest in joining Leica Biosystems and relevant experience related to this role. Applications must be submitted by close of business 8 March 2021.Leica Biosystems is committed to attracting and retaining the most highly qualified candidates available. We firmly believe that our employees drive the success of the company. With success in mind as the ultimate goal, we strive to create and provide an environment that offers challenging, stimulating and financially rewarding opportunities. If you are seeking a new challenge where your performance and contribution is valued, and the role aligns with your next career move, we would love to hear from you.Be sure to follow Leica Biosystems on LinkedIn!
Don’t provide your bank or credit card details when applying for jobs. Learn how to protect yourself here.