At TÜV SÜD we are passionate about technology. Innovations impact our daily lives in countless ways, and we are dedicated to being a part of that progress. We test, we audit, we inspect, we advise. We never stop challenging ourselves for the safety of society and its people. We breathe technology, we strive for professional excellence, and we leave a mark. We take the future into our hands. We are TÜV SÜD.

OVERALL RESPONSIBILITIES:

This position is responsible for focusing domain areas of expertise as well as a good breadth of experience across Hardware Penetration Testing, Medical IoT devices Penetration Testing, fuzz testing and Open-Source Intelligence and Physical Security Testing according to RED Cybersecurity Directive.

ESSENTIAL FUNCTIONS:

You will assist our clients in preparing for certifications through collaborative workshops, training sessions, or pre-compliance.

Perform medical device vulnerability scans, fuzz testing, penetration testing, security code reviews, and reverse engineering. 

Carry out IOT penetration tests, application, network, systems, and infrastructure penetration tests and perform various aspects of vulnerability assessments / penetration tests across a wide variety of platforms and technologies in the medical industry. 

Perform targeted testing activities to identify weaknesses and methods in which to exploit them.

Review threat models and perform security risk assessments of medical and IoT products

Keep up to date with tools, countermeasures, threats and technologies.

Interpret vulnerabilities, identify weaknesses, exploiting them and escalate access.

Prepare Detailed Technical Reports.

ADDITIONAL RESPONSIBILITIES:

Support the TÜV SÜD Canada vision and mission statement. Adhere to all TÜV SÜD Canada policies and procedures as outlined in the various Corporate Policies and the Employee Handbook.  All employees are responsible for general cooperation and support of all TÜV locations.  All employees are expected to work in a manner that supports a safe and healthy work environment for themselves and others.  This includes following established rules, policies and practices of environmental, health and safety in the workplace.

DISCLAIMER:
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification.  They are not intended to be interpreted as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position.

TÜV SÜD Canada is an equal opportunity employer.  

JOB QUALIFICATIONS:

Completed degree in IT security, (business) informatics, electrical and information technology, or a related field. An equivalent combination of vocational training and relevant experience, such as Software Engineering will also be considered.
- While certifications such as CISSP, CISA, or similar are not required, you are welcome to obtain them during your tenure with us.

KNOWLEDGE, SKILLS, AND ABILITIES:

Degree in Information Security, Computer Science, Computer/Software Engineering, Electrical Engineering, or relevant work experience
Programming skills in Python, C/C++, C#, or similar for the purpose of code review and test automation
Excellent technical expertise (in both breadth and depth), written communication skills, time management skills, and the ability to communicate effectively with numerous lines of business representatives.
Experience with open source and commercial penetration testing security tools in an enterprise environment.
Proficiency with Windows, Unix/Linux, and mobile platform operating systems.
Comprehension of OWASP Top 10 (both web and (M)IoT), OSSTMM, PTES, NIST and able to understand and communicate findings to customers
Must be willing to work flexible hours; must also be able to travel, as required. Comfortable working in a fast-paced environment 

Equal Opportunity Employer - Disability and Veteran

TÜV SÜD America, Inc. is an equal opportunity, affirmative action employer and considers qualified applicants for employment without regard to race, color, creed, religion, ancestry, marital status, genetics, national origin, sex, sexual orientation, gender identity and expression, age, physical or mental disability, veteran status and those laws, directives, and regulations of Federal, State, and Local governing bodies or agencies. We participate in the E-Verify Employment Verification Program.