Principal Cybersecurity Engineer

Boston Scientific•San Diego, CA

17h

About The Position

Bachelor's or master's degree in Cybersecurity, Computer Science, Computer Engineering, or a related field. 9+ years of experience in cybersecurity engineering, with a recent focus on product security as it extends to the IoT cloud. Proven experience leading security design and architecture reviews for complex, embedded medical devices or similar technologies. Demonstrated history of creating and executing security risk assessments and mitigation strategies. In-depth understanding of cybersecurity frameworks (e.g., NIST Cybersecurity Framework) including best practices for defense in depth. Excellent written and verbal communication skills for interfacing technical teams, stakeholders, and executive leadership. Ability to work collaboratively across multidisciplinary teams, bridging gaps between technical, regulatory, and business functions. 5+ years of experience working in the medical device industry or a similarly regulated environment; security architecture or medical device administration experience in healthcare settings is also a plus. Development experience in securing Windows IoT, Android, or Yocto Linux. Deep knowledge of the deployment environment for medical devices into health delivery organizations, including Active Directory (AD) or Single Sign On (SSO) integrations. Hands-on experience with IoT cloud deployments such as Azure or AWS. Experience writing code, with secure coding practices, vulnerability scanning tools, and penetration testing methodologies. Knowledge of embedded systems security, wireless communications, network protocols, and PKI. Experience supporting VA Handbook 6500 compliance, ISO/IEC 27001 certification a Relevant certifications (e.g., GIAC, CISM, CRISC) are a plus. Experience with vulnerability and risk assessments including use of CVSS.

Requirements

Bachelor's or master's degree in Cybersecurity, Computer Science, Computer Engineering, or a related field.
9+ years of experience in cybersecurity engineering, with a recent focus on product security as it extends to the IoT cloud.
Proven experience leading security design and architecture reviews for complex, embedded medical devices or similar technologies.
Demonstrated history of creating and executing security risk assessments and mitigation strategies.
In-depth understanding of cybersecurity frameworks (e.g., NIST Cybersecurity Framework) including best practices for defense in depth.
Excellent written and verbal communication skills for interfacing technical teams, stakeholders, and executive leadership.
Ability to work collaboratively across multidisciplinary teams, bridging gaps between technical, regulatory, and business functions.
5+ years of experience working in the medical device industry or a similarly regulated environment
Development experience in securing Windows IoT, Android, or Yocto Linux.
Deep knowledge of the deployment environment for medical devices into health delivery organizations, including Active Directory (AD) or Single Sign On (SSO) integrations.
Hands-on experience with IoT cloud deployments such as Azure or AWS.
Experience writing code, with secure coding practices, vulnerability scanning tools, and penetration testing methodologies.
Knowledge of embedded systems security, wireless communications, network protocols, and PKI.
Experience supporting VA Handbook 6500 compliance, ISO/IEC 27001 certification
Experience with vulnerability and risk assessments including use of CVSS.

Nice To Haves

security architecture or medical device administration experience in healthcare settings is also a plus.
Relevant certifications (e.g., GIAC, CISM, CRISC) are a plus.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume