Remote Security & Risk Engineer

Description:

• Buoy Software is seeking a Security and Risk Engineer to join their remote team.
• The mission of Buoy Software is to enhance the blood product donation experience and improve health outcomes for patients.
• The role involves overseeing security controls and documentation for software as a medical device.
• Responsibilities include managing vulnerability and security risk assessments, compliance activities, and continuous monitoring of security incidents.
• The engineer will perform security-focused code reviews and collaborate on software projects, including IEC 62304 audits.
• The position requires a proactive approach to risk management and a focus on continuous improvement.

Requirements:

• Candidates must have experience with threat modeling analysis, including STRIDE and Attack Tree methodologies.
• Experience with software as a service is required, while experience with software as a medical device is preferred.
• The ideal candidate is a self-starter who thrives in an autonomous work environment.
• Adaptability to change and the ability to manage a variety of tasks are essential.
• Strong teamwork and collaboration skills are necessary, as well as professional communication methods.
• Candidates should be able to represent Buoy's values both internally and externally.

Benefits:

• The position offers a competitive salary ranging from $120,000 to $150,000 per year.
• Employment is contingent upon satisfactory background and reference checks.
• The role is fully remote, providing flexibility in work location.
• Buoy Software fosters a supportive environment that encourages autonomy and personal growth.