Senior Security Engineer

About Nevro

Nevro (NYSE: NVRO)  is a global medical device company headquartered in Redwood City, California. We are focused on providing innovative products that improve the quality of life of patients suffering from debilitating chronic pain.

We started with a simple mission to help more patients suffering from chronic pain. At each stage of development, our research was subject to the highest levels of scientific rigor, resulting in a new therapy that has impacted the lives of over 70,000 patients around the world.Nevro has developed and commercialized the Senza spinal cord stimulation (SCS) system, an evidence-based, non-pharmacologic neuromodulation platform for the treatment of chronic pain. HF10 therapy has demonstrated the ability to reduce or eliminate opioids in ≥65% of patients across six peer-reviewed clinical studies. The Senza® System, Senza II™ System, and the Senza® Omnia™ System are the only SCS systems that deliver Nevro's proprietary HF10® therapy.

Job Summary & Responsibilities

The Senior Security Engineer will be a member of the Development & Security Operations team in R&D. They will share ownership with the Web Services team to create shared responsibility where the Security Engineer owns the security configuration and monitoring of the cloud environments.

• This is a senior role and candidates are expected to lead and define significant or whole portions of planning, developing, coordinating, and directing development across complex products, directing internal and external resources accordingly.
• Build security monitoring and management controls (Security Hub, Inspector, and Guard Duty etc.)
• Analyze AWS security configurations across multiple AWS Accounts
• Collaborate with other teams to enhance event monitoring, security alerting, and incident response workflows
• Test for vulnerabilities and configuration errors
• Formulate recommendations and implement using tools such as, but not limited to Terraform and OPA
• Keep up to date on new technology, standards, protocols, and tools in areas relevant to the rapidly changing digital environment.
• Works in accordance with quality system procedures and actively enforces its objectives
• Prepares reports and presentations and documents progress with senior management
• Work Cross Functionally with other departments such as Marketing, Regulatory and Quality
• Other duties as assigned.

Role Requirements

• Bachelor's degree in computer science, computer engineering, cybersecurity or related field. Equivalent experience also accepted
• Experience working in an AWS environment required.
• Five or more years of experience as a security engineer, systems administrator, or systems engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity.

Skills and Knowledge

• Git
• Terraform, Open Policy Agent
• Experience architecting and testing security controls in AWS
• Comfortable reasoning about the security of complex systems, even if they contain components you aren't familiar with.
• Apply technical principles, theories and concepts towards the solution of complex technical problems and provide solutions which are innovative and ingenious.
• The ability to design and operate controls that are easy to test and audit
• Good analytical and problem-solving skills.
• Experience with tools commonly used to automate vulnerability discovery
• Excellent oral and written communication along with good presentation and technical writing skills.
• Functional familiarity with the FDA Submission process, ISO Requirements and QSR requirements is also preferred.
• Must be significantly self-directed and autonomous and capable of directing technical development by others
• #LI-LJD1