Product Cybersecurity Engineer

Give hope. Give health. Make your mark in the fight against cancer.

At Accuray, we make a direct and powerful impact on the lives of cancer patients every day — helping them live longer, better lives. But our commitment to innovation offers a truly unique opportunity: the chance to change the fight against cancer — helping to develop, introduce and support new treatment delivery systems and software that will give new hope and new health to cancer patients and cancer survivors around the world.

Accuray develops, manufactures and sells radiotherapy systems for alternative cancer treatments. Our radiation therapy for cancer makes treatment shorter, safer, personalized and more effective, ultimately enabling patients to live longer, better lives.

Job Description

REPORTING TO/DEPARTMENT: 

Reports to the Group Lead, Product Cybersecurity in the Delivery Software department  

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Security reviews for new products, technologies, and services
• Secure systems development including design, architecture, and implementation
• Deep technical understanding of common security vulnerabilities and risks, as well as countermeasures and compensating controls
• Analyze cybersecurity vulnerabilities identified in Accuray software
• Perform cybersecurity risk assessments
• Develop mitigation and remediation plans for security vulnerabilities
• Secure development life cycle (SDLC) practices including threat modeling and security testing
• Influence decision-makers and stakeholders to achieve a consistently high security bar
• Conduct network and/or application penetration testing
• Create security guidance and documentation
• Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership
• Understand security concerns regarding Accuray products
• Participate in incident response activities

REQUIRED QUALIFICATIONS:Required:

• Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experience
• Minimum of 5 years of professional experience in IT related field.
• Minimum of 2 years of professional experience with any combination of at least 2 security focused technical disciplines, including the following: cloud security, network security, application security, mobile security, secure development methodologies, secure software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineering.
   

Preferred or Desired:

• Knowledge of Linux and Windows operating systems
• Knowledge of Networking protocols
• Excellent problem solving/troubleshooting skills
• Experience working in an FDA regulated environment
• Excellent verbal and written communication skills
• Excellent organizational skills
• Experience with one or more scripting language preferably PowerShell or Python.
• Professional experience with applied cryptography
• Professional experience building or reviewing threat models
• Professional experience conducting security assessments, including penetration testing
• Professional experience with NIST 800-53Rev 4/5 - "Security and Privacy Controls for Federal Information Systems and Organizations"

To qualify for this position, candidates must be able to furnish proof that they are authorized to work in the country they are applying on a permanent basis without sponsorship.

EEO Statement

At Accuray, our commitment to patient-first outcomes drives an inclusive and collaborative work environment where the best ideas rise to the top — and everyone works to push them further. We value diversity in both the professional and personal backgrounds of our employees, as this variety adds rich energy to every team, every project and every work day. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin – including individuals with disabilities and veterans.

Accuray Pay Transparency Statement:

Accuray pay ranges vary based on work location. As a part of the total compensation package, this role may be eligible for the Accuray Bonus Plan or a role-specific commission/bonus, as well as annual refresh stock grants. Recruiters can share more detail during the hiring process. Each candidate’s compensation offer will be based on multiple factors including, but not limited to, geography, experience, skills, future potential and internal pay parity.