Cybersecurity Engineer jobs in United States

Spectral AI · 4 hours ago

Cybersecurity Engineer

Spectral AI, Inc. is seeking a Cybersecurity Engineer to join their growing design and development team. The role involves supporting the design, development, and maintenance of secure medical device software systems while ensuring compliance with cybersecurity regulations and standards.

Analytics, Artificial Intelligence (AI), Biotechnology, Health Care, Machine Learning, Medical Device

Responsibilities

Institute Security-by-Design practices throughout the entire lifecycle of the Spectral device software, AI models, firmware, and hardware
Develop and maintain cybersecurity standard operating procedures (SOPs) and work instructions that support compliance with regulatory and security requirements in all target markets for Spectral products
Support design reviews by providing security input and ensuring cybersecurity is integrated into design controls
Perform cybersecurity risk assessments for medical device systems using structured methodologies (Threat Modeling, STRIDE, DREAD, Attack Trees, SBOM analysis)
Execute and document risk evaluation aligned with AAMI TIR57, AAMI TIR97, FDA Premarket Cybersecurity Guidance, and ISO 14971
Participate actively in Coordinated Vulnerability Disclosure (CVD) processes, working with the internal team and vendors to ensure vulnerabilities are responsibly reported, remediated, and communicated in alignment with industry best practices
Maintain and periodically update cybersecurity documentation and supporting artifacts, including: Security risk assessment, Security risk management reports, Threat models, Cybersecurity requirements, testing, and traceability matrices in alignment with FDA guidance and IEC 81001
Collaborate with software engineers to implement secure coding practices and structured code review processes
Ensure correct implementation of security requirements, encryption standards, authentication and authorization controls, and security-relevant logging
Evaluate SOUP/OTS components for vulnerabilities, maintenance status, and compliance with FDA software bill of materials (SBOM) requirements
Support the creation and ongoing maintenance of SBOM (e.g. CycloneDX, SPDX) using automated tools such as HELM and Dependency-Check
Perform vulnerability scanning across firmware, software, cloud services, Linux-based, and Windows-based cart devices
Triage and validate Common Vulnerabilities and Exposures (CVEs) relevant to device components, run-time environments, and third-party libraries
Prepare vulnerability mitigation plans and support development teams during remediation
Support integration of security controls across local, handheld, and cloud-connected medical devices
Prepare documentation, architecture diagrams, and accounts for test execution
Track findings, analyze root causes, and support remediation verification
Assist in establishing cybersecurity monitoring processes for fielded devices and cloud environments
Investigate security anomalies and incidents, perform log analysis, and support corrective/preventive actions (CAPA)

Qualification

Cybersecurity Engineering, FDA Premarket Cybersecurity Guidance, IEC 62304 Software Lifecycle, Vulnerability Management, Secure Coding Practices, Analytical Skills, Technical Writing, Collaboration Skills, Problem-Solving Skills

Required

Bachelor's degree or above in Computer Science, Cybersecurity, Electrical/Computer Engineering, or a related field
3–5 years of proven experience in cybersecurity engineering, ideally within medical devices, healthcare technology, regulated software, or other safety-critical systems
Demonstrated proficiency in technical writing, ensuring accurate, comprehensive, and well‑structured documentation for software cybersecurity
FDA Premarket Cybersecurity Guidance
IEC 62304 Software Lifecycle
AAMI TIR57 / TIR97
OWASP Top 10, CWE, and secure coding principles
Familiarity with Transport Layer Security (TLS), certificate management, encryption protocols (e.g. AES, RSA), and authentication/authorization models
Understanding of cybersecurity vulnerabilities and FDA reporting requirements
Understanding of Windows and Linux OS hardening, cloud security (AWS/Azure), and secure configuration

Preferred

Experience supporting FDA medical device submissions with cybersecurity documentation
Hands-on experience with medical cart or handheld device security (Windows, Linux, embedded OS)
Experience with cloud-connected medical systems (AWS IoT, secure APIs, VPN connections)
Certifications such as Security+, CySA+, CISSP, GSEC, CEH, or industry equivalent

Company

Spectral AI

Spectral AI specializes in predictive analytics with a platform that uses proprietary artificial intelligence (AI).

Funding

Current Stage
Public Company
Total Funding
$128.7M
Key Investors
Avenue Capital Group, Medical Technology Enterprise Consortium, Biomedical Advanced Research and Development Authority (BARDA)
2025-10-23 · Post-IPO Equity · $7.6M
2025-03-24 · Post-IPO Equity · $2.7M
2025-03-24 · Post-IPO Debt · $8.5M

Leadership Team

Jeremiah Sparks
Chief Commercial Officer
Company data provided by crunchbase