Description:

Buoy Software is seeking a Security and Risk Engineer to join their remote team.
The mission of Buoy Software is to enhance the blood product donation experience and improve health outcomes for patients.
The role involves overseeing security controls and documentation for software as a medical device.
Responsibilities include managing vulnerability and security risk assessments, compliance activities, and continuous monitoring of security incidents.
The engineer will perform security-focused code reviews and collaborate on software projects, including IEC 62304 audits.
The position requires a proactive approach to risk management and a focus on continuous improvement.

Requirements:

Candidates must have experience with threat modeling analysis, including STRIDE and Attack Tree methodologies.
Experience with software as a service is required, while experience with software as a medical device is preferred.
The ideal candidate is a self-starter who thrives in an autonomous work environment.
Adaptability to change and the ability to manage a variety of tasks are essential.
Strong teamwork and collaboration skills are necessary, as well as professional communication methods.
Candidates should be able to represent Buoy's values both internally and externally.

The position offers a competitive salary ranging from $120,000 to $150,000 per year.
Employment is contingent upon satisfactory background and reference checks.
The role is fully remote, providing flexibility in work location.
Buoy Software fosters a supportive environment that encourages autonomy and personal growth.