Cybersecurity Engineer – Medical Devices

Job Description:

We are seeking a Cybersecurity Engineer with strong expertise in threat modeling, secure design, and documentation to support the development and lifecycle management of medical devices. This role will focus on identifying security risks, defining mitigation strategies, and ensuring compliance with industry standards and regulatory requirements.

Key Responsibilities:

• Perform comprehensive threat modeling for medical device systems, including embedded and connected devices
• Collaborate with cross-functional teams (R&D, Quality, Regulatory) to integrate cybersecurity into product design
• Define and implement secure design principles across the product lifecycle
• Develop and maintain cybersecurity documentation, including risk assessments, security requirements, and design artifacts
• Support compliance with applicable standards (FDA guidance, ISO 14971, IEC 62304, AAMI TIR57, etc.)
• Conduct security risk analysis and recommend mitigation strategies
• Participate in design reviews and ensure alignment with cybersecurity best practices
• Support audits, regulatory submissions, and cybersecurity-related documentation

Required Skills & Qualifications:

• Strong experience in cybersecurity within medical devices or regulated industries
• Hands-on experience with threat modeling methodologies (STRIDE, attack trees, etc.)
• Solid understanding of secure product design and architecture
• Experience creating and maintaining technical documentation and risk management files
• Knowledge of medical device regulations and cybersecurity standards
• Familiarity with embedded systems, networking, and software security principles
• Strong communication skills and ability to work cross-functionally

Preferred Qualifications:

• Experience working with FDA cybersecurity guidelines for medical devices
• Background in risk management and quality systems
• Certifications such as CISSP, CEH, or equivalent