Sr Product Security Engineer

About The Position

Requirements

• Previous experience as a cyber security engineer for cloud security products in a regulated industry.
• Experience in cybersecurity, threat modeling, security incident management, and contributing to proactive security strategies.
• Hands-on experience in cyber security architecture, cloud security, and cryptography.
• Experience working in agile software development teams.
• Bachelor's degree in Computer Science or a related field with 4+ years of experience in cyber security, embedded systems security, IoT security, IT security, or a related role.
• Advanced degree in Computer Science or a related field with significant academic work in cyber security and 3+ years of experience in a related role.
• Strong understanding of cyber security concepts and frameworks (e.g. NIST, OWASP)
• Familiarity with security standards such as ISO 27001, ISO 14971, or HITRUST
• Working knowledge of secure software development lifecycle (SDLC) principles and DevSecOps
• Strong understanding of advanced cryptography, Hardware Security Module concepts, and secure key generation and management
• Proactive communication skills to identify, present, and persuade leadership on cyber security risks
• Strong problem-solving and analytical skills
• Ability to collaborate effectively in cross-functional teams
• For Baccalaureate degrees earned outside of the United States, a degree that satisfies the requirements of 8 C.F.R. § 214.2(h)(4)(iii)(A) is required.

Nice To Haves

• Experience with medical devices or regulated industries.
• CompTIA Security+, CISSP, CISM, or similar security certifications.

Responsibilities

• Implement security requirements across the medical device development lifecycle by collaborating with teams to uphold best practices from design to deployment.
• Conduct threat modeling and vulnerability assessments to identify and mitigate security risks throughout the product lifecycle.
• Support the design and deployment of secure medical devices by implementing features like secure boot, communications, data protection, updates, integration, and access controls.
• Implement and mature the digital health platform architecture to meet customer expectations and enable development of digital solutions across Neuromodulation and Pain & Hypertension, including PH My Future, Insights Dashboard, Remote Monitoring, Remote Programming, and the DBS BrainSense Portal.
• Define and execute surveillance strategy across web applications and cloud native platforms.
• Implement and maintain security policies for medical devices following industry standards like NIST, ISO27001, and IEC 81001-5-1.
• Regularly assess compliance and work with development teams to improve security practices.
• Stay updated on cybersecurity trends in medical devices and health software.
• Work with others to improve security strategies and apply best practices.

Benefits

• Competitive Salary
• Flexible Benefits Package
• Incentive plans
• 401(k) plan plus employer contribution and match
• Short-term disability
• Paid time off
• Paid holidays
• Employee Stock Purchase Plan
• Employee Assistance Program
• Non-qualified Retirement Plan Supplement
• Capital Accumulation Plan
• Health, Dental and vision insurance
• Health Savings Account
• Healthcare Flexible Spending Account
• Life insurance
• Long-term disability leave
• Dependent daycare spending account
• Tuition assistance/reimbursement
• Simple Steps (global well-being program)
• Paid sick time (for temporary employees, as required under applicable state law)