Staff Product Security Engineer
About The Position
We are seeking a Staff Product Security engineer to join the software team within the Endoluminal business unit. The successful candidate in this role will serve as the primary security interface between the Endoluminal business unit and our centralized product security teams. This role spans embedded security for network-connected medical devices as well as cloud security for web applications and services. The ideal candidate is a strong individual contributor today with the potential to help shape our long-term security operating model, including mentoring engineers and contributing to future team-building efforts.
Requirements
- Hands-on experience in cybersecurity engineering, with working knowledge of both embedded and cloud platforms.
- Experience with embedded system or device security, including secure boot, firmware, interfaces, and attack surface reduction.
- Experience securing cloud-native applications and services, including identity, networking, APIs, data protection.
- Experience in one or more cyber security frameworks and compliance standards, including NIST and ISO.
- Practical experience with threat modeling, vulnerability assessment, and security architecture design.
- Ability to work effectively across organizational boundaries and communicate with engineering, product, and security stakeholders.
- Excellent problem-solving skills and a collaborative mindset.
- Bachelor's or Master’s degree in computer science or related field.
- Minimum of 8 years relevant experience in software product security.
Nice To Haves
- Experience working with medical devices and FDA pre- and post-market cybersecurity guidance.
- Experience with defining and implementing data privacy requirements.
Responsibilities
- Act as the product security point of contact for the business unit, collaborating with centralized security, IT, compliance, and engineering teams.
- Drive secure-by-design practices across embedded medical devices and cloud-based applications.
- Provide hands-on technical leadership for security architecture, threat modeling, and risk assessments
- Partner with software teams to manage embedded product security, including interfaces to external imaging systems, devices, removable media, networks, and service tooling.
- Partner with software teams to manage cloud product security, including web apps, services, data platforms, and pipelines.
- Translate corporate security standards into practical product implementations.
- Maintain a hands-on role in design reviews, code reviews, vulnerability management, pen testing, and incident response.
- Support regulatory and industry security requirements relevant to medical devices.
- Set best practices for tools and technologies that make our security posture more effective
Benefits
- market-competitive compensation packages, inclusive of base pay, incentives, benefits, and equity.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
