Position Summary:

The Werfen Product Privacy and Security Program is a shared service model with responsibility for Cybersecurity and Privacy by Design, Compliance, Security Testing and Incident Response.   As a Werfen Product Security Officer you are responsible for cybersecurity and privacy functions for our Products.  The role teams on Werfen Projects to ensure the product privacy and security posture.  This role is a trusted collaborator of the Project Teams and work closely with Quality and Regulatory functions. 

Responsibilities

Key Accountabilities include but are not limited to:

• Represent the Werfen Product Privacy and Security Office.
• Responsible for leading Product cross functional team members to complete all technical aspects of product cyber security tasks and initiatives.
• Represent cyber security with the product development teams to ensure cyber security and privacy is being designed into products.
• Represent cybersecurity and privacy in the Risk Assessment. as a subject matter expert including:
  • cyber security threat management process, 
  • Continuous technical analysis and monitoring of cyber security signals.
• Participate in customer assurance. This includes Product Security communications content such as:
  • Product Labeling,
  • completion of security inquiries,
  • complaint and vulnerability reports,
  • provide consistent cybersecurity and privacy guidance to Werfen and Customers.

Qualifications

Minimum Knowledge & Experience Required for the Position:

• 12-15 years of Cybersecurity and/or Privacy Compliance
• 5 years’ experience leading product cyber security projects and risk management activities – in medical device or healthcare domain.
• Experience in cross-functional cyber security activities including Product Defense in Depth, security technology, regulatory compliance, and incident response
• Domain specific standards and approaches on privacy and product security (ISO 2700x, NIST 800 Series Special Publications)
• Knowledgeable and experience with laws and regulations on cyber security, privacy, data protection and breach notification (e.g.: FDA cyber security guidelines, 95/46/ED, HIPAA, GDPR, ISO 13485, ISO 14971. AAMI TIR 57; 21CFR820, SB1386, etc.)
• Experience in designing or leading software products using Secure SDLC.
• Thorough Understanding of securing and hardening Windows and Linux operating systems
• Thorough understanding of networking and network security

The annual base salary range for this role is currently $170,000 range to $200,000 range. Individual employee compensation will ultimately depend on factors including education, relevant experience, skillset, knowledge, and particular business needs.

This role is eligible for medical, dental, and vision insurance, 401k plan retirement benefits with an employer match, as well as paid vacation and sick leave. Our sales roles are eligible for participation in a commission plan and our management, and select professional roles, are eligible for a performance-based bonus.