Intuitive Surgical Careers
Senior Product Security Engineer – Embedded Systems
Primary Location: United States-California-Santa Clara County-Sunnyvale
Who is Intuitive Surgical? The numbers tell an amazing story. Learn more about our company.
Intuitive Surgical is building a new product security team to support a wide range of Intuitive Surgical products. Our team is responsible for all aspects of product security including secure development lifecycle, architecting, analyzing and building security solutions for our products, conducting security analysis, cybersecurity risk analysis, security testing, verification and validation.
We are looking for enthusiastic individuals to join our dynamic, fast growing organization! Are you a motivated hands-on embedded security engineer? Do you possess a strong work ethic? Are you up-to-date on security technologies? If so, join us to thrive in our high-energy working environment.
Primary Function of Position:
Contribute broadly to the Product Security Team and Software Engineering group to analyze, design and build security solutions and features for our current and next-generation surgical robotic systems. The successful candidate must excel in a high-energy small team environment, be able to drive to solutions from rough requirements, and have a commitment to high product quality throughout the entire product lifecycle.
This position provides an exciting opportunity to contribute to the security design, implementation and analysis of state of the art surgical robotic systems.
• Opportunity to contribute broadly to many areas of product security, including but not limited to:
o Design and programming of security solutions and features.o Development of security requirements and design validation methodologies.o Develop and execute test strategies and test plans.o Contribute to security evaluation and threat assessments of a wide range of Intuitive Surgical products.o Contribute to technical requirements, architecture, and interface design.o Contribute to planning, researching, and developing security policies, standards, and procedures.o Identify areas of improvement in our products, development and manufacturing processes, make recommendations, and help refine our Secure Product Development Lifecycle.
• BS degree in Computer Science, Computer Engineering, or Electrical Engineering (MS degree is a plus) and 5 years of professional experience in information security domain.
• Strong understanding of embedded systems, software, and hardware-software interface.
• Sound knowledge of information security concepts and cryptography fundamentals
• Experience with C/C++ and scripting languages (Python is a plus)
• Technical expertise in one or more of the following:
o Secure coding practices, code analysis and reviews, and vulnerability triage.o Operating system (Linux, QNX) internals and hardening techniques including kernel mitigations, access control, and security configurations.o System-level (kernel/bootloader) software development and incorporating hardware-based security techniques (Hardware Security modules, TPM, Secure Boot, TXT, TrustZone, etc) into a robust hardware/software system design.o Leveraging security and authentication technologies of FPGA chips (Xilinx 7-series, Ultrascale, Zynq) to harden platform security.o Security testing, validation and verification practices, techniques and toolso Product security assessments, threat modeling, and risk analysis• Strong analytical skills and attention to detail. Good communication skills.
• Ability to multi-task, prioritize and work in an extremely fast-paced, collaborative environment.
• Self-motivated; ability to work under general supervision; receptive and supportive of team efforts
• Experience creating, presenting, and refining technical specifications from top-level system architecture documents down to low-level implementation guides and test plans.
• Demonstrated experience in and comfort with all phases of the product development lifecycle including design, implementation, debug, verification, validation, and transfer to manufacturing.
• Experience designing software products in an FDA or other regulated industry or for mission critical applications; comfortable with concepts of design input, design output, traceability, risk analysis, and mitigations.
• Comfortable working with revision control systems such as Git and SVN; build systems such as CMake, GNU Make, and Ninja; and tracking tools such as JIRA.