Product Security Test Engineer
- Mission Viejo, CA
Product Security Test Engineer is responsible for building the cybersecurity test plan, support security configuration implementation and perform security testing of the Alcon product(s) working closely with the cross-functional team. The Product Security Test Engineer should be proficient in execution of security testing for Alcon products including hardware, software; user interfaces, connected devices and related components along with test methodologies, test planning, automated scripting, internal penetration testing and reporting of test results.
Some of the responsibilities, but not limited to:
• Leads end-to-end security testing for the assigned Alcon products/solutions
• Creates cybersecurity test plan(s)
• Define the security test specifications/use cases for the products including applicable regulatory and compliance needs (FDA, MDR, GDPR, HIPAA, etc.)
• Builds and drives security testing from planning, test cases, execution and reporting.
• Contributes to security test methods, processes and security development processes etc.
• Develop automated test scripts and leverage tools as applicable
• Participate in security requirements development, threat modeling, and technical implementation
• Support incident response processes and PSIRT as required in addressing the identified incidents time to time
• Contribute to the security program practices including standards, process improvements, automation etc.
• Execute and support the penetration testing (internal/external), vulnerability testing, patch management etc.
• Manage bug bounty programs (internal/external) with security leadership guidance
Alcon is an Equal Opportunity Employer and participates in E-Verify. Alcon takes pride in maintaining a diverse environment and our policies are not to discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, gender identity, marital or veteran status, disability, or any other legally protected status. Alcon is also committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please send an email to [email protected] and let us know the nature of your request and your contact information. Equal Employment Opportunity Posters: If you'd like to view a copy of the Alcon's affirmative action plan or policy statement, please email [email protected]
Alcon is an Equal Opportunity Employer and takes pride in maintaining a diverse environment. We do not discriminate in recruitment, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, gender identity, marital or veteran status, disability, or any other legally protected status.
• Bachelor's Degree or Equivalent years of directly related experience (or high school +13 yrs; Assoc.+9 yrs; M.S.+2 yrs; PhD+0 yrs)
• The ability to fluently read, write, understand, and communicate in English
• 5 Years of Relevant Experience
• Working knowledge in security testing
• Experience in the development of security test plans, test cases, execution and reporting
• Medical devices/health care is preferred.
• Knowledge in industry regulations and security standards (e.g. NIST, HIPAA, GDPR, ISO/IEC 27000 series).
• Experience in product development, IOT, Connected devices or related areas.
• Experience in conducting penetration tests.
• Experience in vulnerability scanning including static/dynamic code analysis, infrastructure, web applications etc.
Back to top