Job Specifications
Principal Cybersecurity Test Engineer
Location: Edinburgh, Scotland
Company: Spacelabs Healthcare
Employment Type: Full-Time, Permanent
About Spacelabs Healthcare
At Spacelabs Healthcare, we are on a mission to provide continuous innovation in healthcare technology for better clinical and economic outcomes. Our scalable solutions deliver critical patient data across local and remote systems, enable better-informed decisions, increase efficiencies, and create a safer environment for patients.
Why work at Spacelabs? Because lives depend on you!
Job Summary
The Principal Cybersecurity Test Engineer is an elite-level individual contributor role within the Spacelabs Cybersecurity Team. This position is responsible for designing and conducting penetration testing to ensure robust security controls for Spacelabs products, infrastructure, and solutions.
Key Responsibilities
Design and execute penetration tests simulating advanced cyber threat tactics and techniques.
Research emerging threats, vulnerabilities, and attacker methodologies using internal and external resources.
Develop and maintain security assessment project plans.
Create and implement security exploits for penetration testing; continuously adopt new exploit development methods.
Evaluate applicability of exploits and tools for products and applications.
Support security awareness initiatives and product investigations for complaints/incidents.
Participate in requirement reviews, team meetings, and company-wide security knowledge-sharing activities.
Perform code reviews, integration testing, and implement fixes for software defects and change proposals.
Document test plans, scenarios, findings, and recommendations in detailed penetration test reports.
Provide regular progress updates and conduct technical reviews of test activities and results.
Qualifications
Domain Expertise
Deep understanding of firmware, operating systems, applications, networks, encryption algorithms, and access control models.
Proficiency in coding languages: Assembly, C, C++, Java, C#, .NET, Python.
Expertise in operating systems (Linux, Windows), databases (MS SQL, MySQL, Postgres), and application/web servers (Apache, IIS, Wildfly).
Strong networking knowledge (switching, routing, firewalls) and hardware hacking (JTAG, FPGA, USB).
Experience with security testing tools: Kali Linux, Nessus, Metasploit, BurpSuite, Wireshark, etc.
Familiarity with secure coding practices (OWASP), SDLC, and security frameworks (ISO 2700x, NIST).
Understanding of medical device regulations and quality system requirements.
Agile/Digital Experience
Passion for Agile processes, data-driven development, and collaborative cross-functional teams.
Individual Skills
Self-motivated, strong problem-solving and analytical skills.
Excellent communication and teamwork abilities.
Ability to thrive under pressure and adapt to changing priorities.
Education & Experience
Bachelor’s degree with 12+ years of related experience OR Master’s degree with 10+ years of related experience.
Degree in Computer Science, Cybersecurity, Software Engineering, or related technical discipline.