Sr Product Security Engineer (Medtech)

TL;DR

Sr Product Security Engineer (Cybersecurity): Designing advanced cybersecurity architectures and procedural frameworks to support cyber resilience throughout the medical device product life cycle with an accent on threat modeling and vulnerability assessments. Focus on implementing secure boot, data protection, and cloud-native platform security for neurological and spinal therapies.

Location: Onsite 4 days a week in Minneapolis, MN, or other US locations (Fort Worth, Milwaukee, Boston). Must possess unrestricted U.S. work authorization (Sponsorship only for Principal-level roles).

Salary: $125,600.00 - $188,400.00

Company

Global healthcare technology leader dedicated to alleviating pain, restoring health, and extending life through innovative biomedical devices.

What you will do

• Implement security requirements across the medical device development lifecycle, collaborating from design to deployment.
• Conduct threat modeling and vulnerability assessments to identify and mitigate security risks.
• Support the design of secure medical devices, implementing secure boot, communications, data protection, and access controls.
• Mature the digital health platform architecture for web and cloud-native platforms, executing surveillance strategies.
• Implement and maintain security policies following NIST, ISO 27001, and IEC 81001-5-1 standards.

Requirements

• Bachelor's degree in Computer Science or related field with 4+ years of experience in cybersecurity, embedded, or IoT security.
• Hands-on experience in cybersecurity architecture, cloud security, and cryptography.
• Strong understanding of frameworks such as NIST and OWASP, and standards like ISO 27001, ISO 14971, or HITRUST.
• Working knowledge of secure SDLC principles and DevSecOps within agile software development teams.
• Unrestricted U.S. work authorization is required at the time of hire.

Nice to have

• Previous experience with medical devices or other highly regulated industries.
• Certifications such as CISSP, CISM, or CompTIA Security+.

Culture & Benefits

• Competitive base salary and short-term incentive plans (MIP).
• Comprehensive health, dental, and vision insurance with HSA and FSA options.
• 401(k) plan with employer contribution and matching.
• Employee Stock Purchase Plan and tuition reimbursement.
• Global well-being program (Simple Steps) and paid time off.