Cybersecurity Engineer, DiGA – Contract
Click Therapeutics, Inc.
contract
Posted on:
Location Type: Remote
Location: New York • United States
Visit company websiteExplore more
Salary
💰 $125 - $135 per hour
About the role
- Requirement Engineering: Translate German regulatory requirements (SGB V, DiGAV Annex 1) into actionable technical security specifications for the development team.
- Penetration Testing Coordination: Define the scope for mandatory white-box penetration tests and manual code reviews; manage the relationship with BSI-certified testing centers.
- Risk Assessment: Conduct and document data protection impact assessments (DPIA) and security risk assessments tailored to high-protection health data.
- Vulnerability Management: Establish a lifecycle process for vulnerability handling and incident reporting as required by the EU Cyber Resilience Act (CRA) and DiGA guidelines.
Requirements
- DiGA Expertise: Proven experience in a successful DiGA submission process or deep familiarity with the BfArM Guide for Manufacturers.
- Regulatory Knowledge: Deep understanding of German and EU regulations, including GDPR, DiGAV, and the Digital Healthcare Modernisation Act (DVPMG).
- Technical Security: Strong background in OWASP Top 10 (Mobile/Web), secure API design, and cryptographic standards (AES-256, TLS 1.3).
- Certifications: Professional certifications such as CISSP, CISA, or ISO 27001 Lead Implementer are highly preferred.
- Fluency in English is required.
Benefits
- Your choice of mac or linux equipment.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Requirement EngineeringPenetration TestingRisk AssessmentVulnerability ManagementOWASP Top 10secure API designcryptographic standardsDPIAincident reportinglifecycle process
Soft Skills
communicationrelationship management
Certifications
CISSPCISAISO 27001 Lead Implementer