Sr. Product Security Engineer II jobs in United States
cer-icon
Apply on Employer Site
company-logo

Glaukos Corporation · 1 day ago

Sr. Product Security Engineer II

positionBurlington, MA
timeFull-time
remoteOnsite
senioritySenior Level
date7+ years exp

Glaukos Corporation is seeking a Senior Product Security Engineer who will lead security efforts across the product lifecycle. This role involves ensuring products meet regulatory expectations and industry best practices for cybersecurity, providing both technical expertise and cross-functional leadership.

Health CareMedicalWellness
check
Growth Opportunities
check
H1B Sponsor Likelynote

Responsibilities

Define security requirements and risk mitigations for new products and features
Translate regulatory and industry security standards (e.g., FDA, ISO 27001, NIST, OWASP) into actionable product requirements
Develop and maintain security architecture diagrams and models for software and integrated systems
Embed secure development practices (threat modeling, secure coding, code review standards) into the software development lifecycle
Define and support secure CI/CD practices, including secrets management, dependency management, and supply-chain security
Partner with DevOps/IT to secure cloud infrastructure, build pipelines, and deployment environments
Assist the testing team with security testing efforts for new and on-market products, including penetration testing, fuzzing, and static/dynamic code analysis
Update and maintain vulnerability management processes, including SBOM creation and maintenance
Collaborate with QA to integrate automated security testing into regression and release pipelines
Generate and maintain pre-market security documentation to support regulatory submissions (e.g., security risk assessments, security architecture views, threat models, FDA cybersecurity guidance compliance)
Maintain records of vulnerability assessments, mitigations, and patch processes
Support audit and inspection readiness with thorough, traceable documentation
Manage product vulnerability assessment and mitigation activities, both pre-market and post-market
Coordinate cross-functional response to newly discovered vulnerabilities, including communication, remediation, and regulatory reporting
Track and monitor vulnerability disclosures from third-party libraries and components
Act as the security subject matter expert across product teams
Provide training and mentoring to engineers on secure design and coding practices
Partner with compliance, regulatory, and quality teams to align product security strategy with organizational goals

Qualification

Security ArchitectureSecure Development LifecycleVulnerability ManagementRegulatory ComplianceCryptography FundamentalsCI/CD Security PracticesSecurity Testing ToolsCloud InfrastructureSoft Skills

Required

7–10 years total professional experience in software engineering, cybersecurity, or related technical fields
3–5 years focused on product or embedded system security, ideally within regulated or safety-critical industries (medical device, aerospace, automotive, or defense)
Demonstrated experience with designing or assessing security architectures for embedded or connected systems
Demonstrated experience with implementing secure development lifecycle (SDL) practices within engineering teams
Demonstrated experience with leading or participating in vulnerability management and coordinated disclosure processes
Demonstrated experience with generating pre-market cybersecurity documentation or equivalent regulatory submissions (e.g., FDA, ISO 14971, IEC 81001-5-1)
Demonstrated experience with collaborating cross-functionally (engineering, QA, regulatory, IT) to implement and sustain security programs
Bachelor's degree in Computer Science, Electrical/Computer Engineering, Cybersecurity, or a related field

Preferred

Prior experience as a product security lead or security point of contact for a commercial medical or industrial product
Experience integrating security testing automation into CI/CD environments
Experience supporting external audits, penetration tests, or third-party security assessments
Master's degree in Cybersecurity, Software Engineering, or Systems Engineering (ideal for regulated product security leadership)

Company

Glaukos Corporation

twittertwittertwitter
company-logo
At Glaukos, our focus is to develop and lead the global ophthalmic market with novel therapies for the treatment of glaucoma, corneal disorders, and retinal diseases—therapies that advance the existing standard of care and enrich the lives and treatment alternatives for patients worldwide.
dateFounded in 1998
location
San Clemente, California, USA
people-size1001-5000 employees
web-link
http://www.glaukos.com

H1B Sponsorship

Glaukos Corporation has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (6)
2023 (1)
2022 (3)
2021 (1)

Funding

Current Stage
Public Company
Total Funding
$121M
Key Investors
Meritech Capital PartnersOrbiMed
2015-06-25IPO
2013-02-07Series F· $30M
2012-10-03Debt Financing· $6M

Leadership Team

leader-logo
Alex Thurman
Senior Vice President and Chief Financial Officer
linkedin
leader-logo
Joseph Gilliam
President & Chief Operating Officer
linkedin

Recent News

BioSpace
Glaukos Announces Participation in J.P. Morgan Healthcare Conference
2025-12-17
MarketScreener
Transcript : Glaukos Corporation Presents at UBS Global Healthcare Conference 2025, Nov-11-2025 10
2025-11-11
Orange County Business Journal
Midday Stock Roundup: OC Firms Down on Quarterly Results
2025-11-09
Company data provided by crunchbase