Intuitive Surgical Careers

Senior Product Security Software Engineer – Embedded Systems

US-CA-Sunnyvale, California

Job Description

Job: Engineering
Primary Location: United States-California-US-CA-Sunnyvale
Schedule: Full-time
Requisition ID: 181915


Company Description:

Who is Intuitive Surgical? The numbers tell an amazing story. Learn more about our company.

Joining Intuitive Surgical means joining a team dedicated to using technology to benefit patients by improving surgical efficacy and decreasing surgical invasiveness, with patient safety as our highest priority.

Intuitive Surgical is building a new product security team to support a wide range of Intuitive Surgical products. Our team is responsible for all aspects of product security including secure development lifecycle, architecting, analyzing and building security solutions for our products, conducting security analysis, cybersecurity risk analysis, security testing, verification and validation.

We are looking for enthusiastic individuals to join our dynamic, fast growing organization! Are you a motivated hands-on embedded security engineer? Do you possess a strong work ethic? Are you up-to-date on security technologies? If so, join us to thrive in our high-energy working environment.

Primary Function of Position:

Contribute broadly to the Product Security Team and Software Engineering group to analyze, design and build security solutions and features for our current and next-generation surgical robotic systems. The successful candidate must excel in a high-energy small team environment, be able to drive to solutions from rough requirements, and have a commitment to high product quality throughout the entire product lifecycle.

Key Functions:

This position provides an exciting opportunity to contribute to the security design, implementation and analysis of state of the art surgical robotic systems.
• Opportunity to contribute broadly to many areas of product security, including but not limited to:

o Design and programming of security solutions and features.
o Development of security requirements and design validation methodologies.
o Contribute to technical requirements, architecture, and interface design.
o Contribute to planning, researching, and developing security policies, standards, and procedures.
o Identify areas of improvement in our products, development and manufacturing processes, make recommendations, and help refine our Secure Product Development Lifecycle.

Skill/Job Requirements:

• BS degree in Computer Science, Computer Engineering, or Electrical Engineering (MS degree is a plus) and a minimum 6 years of professional experience in information security domain.
• Strong understanding of embedded systems, software, and hardware-software interface.
• Sound knowledge of information security concepts and cryptography fundamentals.
• Experience on embedded system development with C/C++.
• Experience on secure coding practices (SEI CERT C / C++ coding standard or similar), code analysis and reviews, and vulnerability triage.
• Operating system (Linux, QNX) internals and hardening techniques including kernel mitigations, access control, and security configurations.
• Good understanding of product security assessments, threat modeling, and risk analysis.
• Strong analytical skills and attention to detail. Good communication skills.
• Ability to multi-task, prioritize and work in an extremely fast-paced, collaborative environment.
• Self-motivated; ability to work under general supervision; receptive and supportive of team efforts.

Additional Pluses:

• Experience creating, presenting, and refining technical specifications from top-level system architecture documents down to low-level implementation guides and test plans.
• Demonstrated experience in and comfort with all phases of the product development lifecycle including design, implementation, debug, verification, validation, and transfer to manufacturing.
• Experience designing software products in an FDA or other regulated industry or for mission critical applications; comfortable with concepts of design input, design output, traceability, risk analysis, and mitigations.
• Comfortable working with revision control systems such as Git and SVN; build systems such as CMake, GNU Make, and Ninja; and tracking tools such as JIRA.

We are an AA/EEO/Veterans/Disabled employer.
We will consider for employment qualified applicants with arrest and conviction records in accordance with fair chance laws.