Senior Software Product Security Engineer • Product Security Engineering

Work Flexibility: Hybrid This role will establish technical expertise for the Product security QMS in collaboration with Design Quality Digital group for Stryker T&E digital product portfolios (Trauma, Foot & Ankle, Upper Extremities). The position requires a strong partnership with product Development teams to ensure time-to-market, customer requirements, and technology objectives are met while ensuring compliance with global quality and regulatory requirements related to Product security. Will support the process owner – Product Security in establishing, implementing, and maintaining Global Regulatory and Quality processes and documents supporting our Global QMS and the divisional QMS. What will you do: Primary Responsibilities Assist in the facilitation of internal and third-party audits as needed. Should be capable of interpreting industry standards and government regulations to drive the implementation of world-class processes that may provide resources and/or help to remove obstacles to team accomplishments. Should have Design Controls expertise for product development projects from inception through successful Design Should have a basic understanding of product security & Risk Management strategies. Recommend efficiency and process improvements to product security capabilities and functions. Collaborate with product teams to assess security risks. Able to clearly convey design control and Product Security-related issues to stakeholders. Creating Gap assessment between different processes and fulfilling the Gaps Communicate the security gaps to leadership and propose mitigation solutions. What You Need: Knowledge/competence 5-8 years. Basic level Expertise in applying security control frameworks, security risk assessments, and scoring the severity of security threats and vulnerabilities. Effective verbal and written communicator and consensus-builder Demonstrated technical problem-solving skills.Strong QMS and SDLC (software development life cycle) understanding. Basic Understanding of the vulnerability management life cycle. Experience of working in a regulated medical organization. Good to have ISO 13485 standard .Experience in New Product Development for Software and/or Systems preferred FDA Cybersecurity guidance (including FD&C 524B and eSTAR updates) Hands on experience in using Agile methodology. Understands security risk management processes preferably in the healthcare or medical device industry Travel Percentage: None Stryker is one of the world’s leading medical technology companies and, together with its customers, is driven to make healthcare better. We offer innovative products and services in Orthopaedics, Medical and Surgical, and Neurotechnology and Spine that help improve patient and hospital outcomes. We are proud to be named one of the World’s Best Workplaces! For more information, visit: www.stryker.com Work Flexibility Remote – Role allows you to work the majority to 100% of time from an alternate workplace. These roles could have travel expectations, and you must work within the country of the job requisition location. Field-based – You can expect to regularly work a majority to 100% of time at customer facilities and has a set territory or expectation to travel within a set boundary. Almost all sales roles would likely be qualified as field-based. Onsite – Role is 100% located at a Stryker facility. Some ad hoc flexibility may be available depending on role, level, and job requirements. Manufacturing roles and any role that requires physical presence at the office would qualify under this category. Hybrid – You can expect to regularly work in both an alternate workplace and a Stryker facility. Roles that are partially remote or co-located would qualify as hybrid, and the expectation to be onsite would be defined and agreed upon by your manager/supervisor.