Sr. Software Engineer (Cybersecurity Knowledge)

About the position

At Terumo Blood and Cell Technologies, our 7,000+ global associates proud to come to work each day, knowing that what we do impacts the lives of patients around the world. For Terumo, for Everyone, Everywhere. We make medical devices and related products that are used to collect, separate, manufacture and process various components of blood and cells. With our innovative technologies and service offerings, we touch a patient's life every second of every day and are committed to continuing to increase the number of patients we serve. Advancing healthcare with heart. With some of the best and brightest minds in the industry, an unmatched global footprint, comprehensive benefits and a distinct culture, Terumo Blood and Cell Technologies is a great place to work, grow and be part of a team that is focused on making a difference. Join us and help shape wherever we go next. You create your future and ours.

Responsibilities

• Lead development activities that support compliance with cybersecurity objectives, including secure-by-design (ISO 81001-5-1) and data privacy (HIPAA, GDPR).
• Conduct security assessments and threat modeling to identify potential risks and recommend mitigation strategies.
• Implement and enforce secure coding practices to protect against vulnerabilities such as SQL injection, cross-site scripting (XSS), and buffer overflows.
• Collaborate with DevOps teams to integrate security into CI/CD pipelines, enhancing security automation and monitoring.
• Design and implement identity and access management (IAM) solutions, including role-based access control (RBAC) and multifactor authentication (MFA).
• Provide input to security incident response plans and actively participate in security audits and compliance assessments.
• Implement security logging, monitoring, and alerting strategies to proactively detect and respond to security threats.
• Act as high-level technical expert, addressing problems of systems integration, compatibility, and multiple platforms.
• Lead a development team in the design of highly complex software systems for internal and external customers and is responsible for project completion as required.
• Designs, develops, operates and maintains software components and software systems to apply to, and integrate with engineering, scientific, regulatory, and manufacturing requirements.
• Independently design and develop new software products or major enhancements to existing software for internal and external customers.
• Provides functional and empirical analysis related to the design, development, and implementation of software systems, including, but not limited to, utility software, development software, and diagnostic software.
• Perform feasibility analysis on potential future projects to management.
• Performs and approves code and test reviews.
• Exercise considerable latitude in determining technical objectives of assignment. Advances new techniques or advances the state-of-the-art.
• Demonstrates expert computer science fundamentals such as design patterns, data structures, OOP and software design.
• Mentors less-experienced software development staff.
• Defines software development best practices.

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or equivalent of education and experience sufficient to successfully perform the essential functions of the job may be considered.
• Minimum 8 years experience of professional experience in software engineering, with at least 3 years of dedicated experience in cybersecurity, focusing on secure software development, threat mitigation, and compliance with industry security standards.
• Must have experience with mission critical applications, preferably medical products or devices.
• Knowledge of regulatory requirements preferred.

Nice-to-haves

• Cybersecurity frameworks and compliance knowledge (NIST, ISO 27001, HIPAA, GDPR, ISO 81001-5-1) desired.
• Proficiency in threat modeling, security risk assessments, and penetration testing.
• Experience in implementing security in microservices architectures, API security, and OAuth authentication.
• Knowledge of secure DevOps (DevSecOps) and security automation tools such as SAST, DAST, and dependency scanning.
• Experience with zero-trust security models and network segmentation strategies.
• Ability to perform forensic analysis and incident handling for security breaches and vulnerabilities.
• Expertise in C# with a strong understanding of object-oriented design.
• Proficient in front-end development with React, Angular - Angular preferred.
• Proficient with databases such as MySQL, Azure SQL, NoSQL and/or Redis Cache.
• Skilled in unit and component level testing.
• Experienced in software design, patterns, and architecture.
• Experience with microservice architectures, containerization (Docker, Kubernetes), and event-driven systems using message buses like RabbitMQ.

Benefits

• Multiple group medical, dental and vision plans.
• Robust wellness program.
• Life insurance and disability coverages.
• Variety of voluntary programs such as group accident, hospital indemnity, critical illness, pet insurance.
• 401(k) plan with a matching contribution.
• Vacation and sick time programs.