Insulet started in 2000 with an idea and a mission to enable our customers to enjoy simplicity, freedom and healthier lives through the use of our Omnipod product platform. In the last two decades we have improved the lives of hundreds of thousands of patients by using innovative technology that is wearable, waterproof, and lifestyle accommodating.
We are looking for highly motivated, performance driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!
Job Title: Mobile Security Engineer
Department: Security and Privacy Operations
Insulet is looking to add a Mobile Security Engineer to the team. Insulet is a leading developer and manufacturer of wearable, connected medical devices and is seeking a seasoned mobile security expert to join the Product Cybersecurity Team and support the R&D teams in developing next generation IoT solutions for the Android and iOS platforms. Our state of the art, next generation medical devices are industry leaders in automated insulin delivery. If you have experience in areas such as threat modeling, mobile application security, security architecture, cyber resiliency, and security operations; you may be the right individual to help us secure the mobile medical device experiences of our patients.
Needs to work west-coast hours
Responsibilities
Researching, developing, and improving defensive tactics, techniques, and procedures for detecting and responding to mobile cybersecurity threats for medical device applications.
Performing security evaluations and internal penetration testing of medical device applications for the Android and iOS platforms.
Conduct regular risk assessments of the mobile applications by creating, updating and maintaining threat models and performing code reviews.
Work with engineering and systems teams to ensure secure design, development and validation of our products, configure and deploy new tooling, and improve response capabilities.
Analyze security data and report on threats and incidents across various platforms and environments.
Interact directly with the security community regarding mobile security vulnerabilities and threats.
Perform mobile security training, outreach and reviews for internal development teams.
Ensure products comply with FDA guidance and regulations for cybersecurity.
Take lead from supervisor and team to execute on security initiatives.
Education and Required Experience
BS/MS in Computer Science, Information Systems, Computer Engineering, or the equivalent in experience and evidence of exceptional ability.
Minimum of 2+ years of experience as an Android/IOS Security Engineer.
Excellent understanding and experience in multiple security domains such as application security, mobile security, hardware security, and incident response.
Programming skills in Java, Kotlin, Swift, Python or other languages.
Automation and development experience in Python, Go, Rust, C++, JavaScript, etc.
Preferred Skills and Competencies
Strong knowledge of OWASP Mobile Application Security Verification Standard (MASVS)
Strong knowledge of OWASP Mobile Application Security Testing Guide (MASTG)
Strong knowledge of MITRE ATT&CK Framework – Mobile Matrices
Strong knowledge of NIST Cybersecurity Framework
Experience with static and dynamic mobile appsec analysis concepts such as penetration testing.
Experience performing threat modeling and risk analysis of mobile applications
Experience working to secure the development of medical device applications
Experience working with multiple stakeholders such as engineering/systems teams, internal business units, and external incident response teams throughout the incident lifecycle.
Possess strong English writing and communication skills.
NOTE: This position is eligible for 100% remote working arrangements (may work from home/virtually 100%; may also work hybrid on-site/virtual as desired). #LI-Remote
Additional Information:
The US base salary range for this full-time position is $101,970.00 – $152,955.00. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position in the primary work location in the US. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your Talent Acquisition Specialist can share more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.
At Insulet Corporation all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
(Know Your Rights)
iOS remote work Communication static-analysis Android Code review penetration-testing Incident response dynamic-analysis Risk analysis