Sr. Application Security Engineer at Glaukos Corporation
Glaukos Corporation · Burlington, United States of America · Hybrid
- Professional
- Office in Burlington
What You'll Do:
As an Application Security Engineer, you will play a critical role in securing the software that powers our medical devices and offer your expertise as we develop other applications such as mobile and web apps. You will work closely with software developers, Quality engineers, and product teams to integrate security best practices throughout the software development lifecycle (SDLC), ensuring compliance with regulatory standards from the FDA, HIPAA, NIST CSF, etc.
- Conduct threat modeling, secure code reviews, and vulnerability assessments of mobile and embedded applications.
- Collaborate with development teams to integrate security into CI/CD pipelines and DevSecOps practices.
- Develop and maintain secure coding guidelines and training programs for engineering teams.
- Evaluate and implement application security tools (SAST, DAST, SCA, etc.).
- Monitor and respond to application security incidents, identify application security concerns in product complaints, and coordinate remediation efforts.
- Ensure compliance with relevant medical device cybersecurity regulations and standards (e.g., FDA pre- and post-market guidance, NIST 800-53, ISO 27001, etc.).
- Participate in security architecture reviews and risk assessments for new and existing products.
- Stay current with emerging threats, vulnerabilities, and security technologies.
- 5+ years of experience in application security or software security engineering.
- Strong understanding of secure coding practices in languages such as C, C#, C++, or Python.
- Experience with security testing tools (e.g., Mend, Perforce, Lattix, etc.).
- Familiarity with regulatory and compliance frameworks relevant to medical devices.
- Experience in the medical device or healthcare industry.
- Knowledge of embedded systems and firmware security.
- Broad expertise in other security domains such as network security, endpoint security, etc.
- Certifications such as OSCP, CSSLP, CASE, CEH, CISSP.
- Bachelor’s degree in Computer Science, Cybersecurity, or related field.
Company
Generous. Innovative. Leadership-driven. Family-oriented. Socially responsible.
Founded in 1998, Glaukos Corporation is an ophthalmic pharmaceutical and medical technology company focused on developing and commercializing novel therapies for the treatment of glaucoma, corneal disorders, and retinal diseases.
Our mission at Glaukos is to truly transform vision by pioneering novel, dropless therapies that can meaningfully advance the standard of care and improve the lives of patients suffering from chronic, sight-threatening eye diseases.
Innovation is at the core of everything we do, and we are resolute in our commitment to challenge conventional thinking with new treatment alternatives that are supported by real science, robust clinical evidence, and an unrelenting focus on patients.
Our constant pursuit of game-changing technologies that disrupt legacy treatment paradigms is encapsulated in the Glaukos mantra “We’ll Go First,” which articulates our willingness to take chances, our determination to forge new ground, and our commitment to continuous improvement in all that we do.
Our company completed an initial public offering in June of 2015, and our shares are traded on the New York Stock Exchange under the ticker symbol “GKOS”. Our global headquarters is in Aliso Viejo, California with additional locations in San Clemente, California, and Burlington, Massachusetts.
Glaukos Corporation is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.