Security Risk Engineer
Security Risk Engineer (Finance)
Job Description:
Security Risk Engineer (Solventum)
At Solventum, we enable better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers' toughest challenges, we pioneer game-changing innovations at the intersection of health, material and data science that change patients' lives for the better while enabling healthcare professionals to perform at their best.
The Impact You'll Make in this Role
The Cybersecurity Risk Engineer will play a key role in securing Solventum's digital products and information technology (IT) infrastructure, ensuring resilience against cyber threats, and enhancing our overall security posture. Working closely with both engineering and IT teams, this role will focus on risk assessment, controls assessment, and risk management, while also automating security tools and processes.
In this role, the Cybersecurity Risk Engineer will undertake a variety of key responsibilities, including conducting regular risk assessments, audits, and vulnerability analyses on IT assets, networks, and processes. By developing and maintaining a risk-based approach, they will work to protect IT assets by mitigating identified threats and vulnerabilities.
Automation of security tools and processes to improve efficiency and effectiveness is another critical aspect of the role. The engineer will use technical skills to implement reporting and evidence collection for security tools like Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) as needed.
The Cybersecurity Risk Engineer will review security controls for software and products to ensure they meet required standards and will develop and maintain a controls heat map to visualize the effectiveness and coverage of security controls across the organization. They will support the Authority to Operate (ATO) program, ensuring that risk management and control validation processes are followed.
Collaboration is a key component of this role. The engineer will act as a liaison between engineering, IT, and security teams to ensure alignment on cybersecurity initiatives. They will stay current with cybersecurity trends and best practices.
Your Skills and Expertise:
To set you up for success in this role from day one, Solventum requires (at a minimum unless otherwise specified) the following qualifications:
- High School Diploma/GED AND 3+ years in software development or automation.
AND
- Technical Knowledge: knowledge of cybersecurity principles, including network segmentation, firewall management, and IT systems.
Additional qualifications that could help you succeed even further in this role include:
- Programming Skills: Proficiency in Python or common scripting languages, and experience working with APIs.
- Standards & Regulations (Nice to Have): Familiarity with industry regulations and standards like NIST CSF, NIST 800-53, and other IT security frameworks.
- Soft Skills: Excellent communication skills, project management experience, and the ability to work effectively with cross-functional teams.
- Problem-Solving: Proven ability to identify security challenges and develop practical solutions in complex IT environments.
- Independence: Ability to work independently, with limited required direction and guidance.
Work location: Remote.
Travel: May include up to [20% domestic].
Relocation Assistance: May be authorized.
Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).
Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process. Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers.
Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com. Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains.
Solventum is an equal opportunity employer. Solventum will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
