This job has closed.

Boston Scientific · 1 day ago

Principal Cybersecurity Engineer

Boston Scientific is a leader in medical science, committed to solving important health industry challenges. They are seeking a Principal Cybersecurity Engineer to oversee and guide the cybersecurity strategy throughout the product lifecycle, ensuring compliance with relevant standards and regulations.

Health Care · Medical · Medical Device
H1B Sponsor Likely

Responsibilities

Interpret and apply relevant cybersecurity standards and regulations (e.g., FDA/CMDE/MDCG Cybersecurity Guidance, IEC 62443, ISO 14971, HIPAA, GDPR) to ensure product compliance
Stay current with emerging regulations and standards related to medical device security (e.g., FDA Premarket Guidance, Post-market Cybersecurity Guidance)
Collaborate with product development teams to embed security controls throughout the design, development, and maintenance phases
Lead threat modeling and security risk assessments across the organization, identifying and evaluating potential threats and vulnerabilities
Elicit and define product security needs and requirements; define product security architectures and design specifications, and verification and validation strategies
Conduct vulnerability assessments, fuzzing and penetration testing to identify and mitigate risks
Establish best practices and processes for secure coding, configuration management, and patching
Develop and implement risk mitigation strategies and maintain risk management documentation
Oversee and enhance incident response plans and processes, ensuring rapid and effective resolution of security incidents
Drive continuous improvement of vulnerability management, including the evaluation and deployment of necessary patches or updates
Work closely with internal stakeholders (Software Development, Quality, Regulatory, IT, etc.) to align security goals and requirements
Present cybersecurity findings, reports, and recommendations to senior leadership, regulators, and external auditors

Qualification

Cybersecurity engineering · Security risk assessments · Cybersecurity frameworks · Medical device security · Secure coding practices · Vulnerability scanning tools · Penetration testing · Leadership skills · Team-building capabilities · Communication skills

Required

Bachelor's or master's degree in Cybersecurity, Computer Science, Computer Engineering, or a related field
9+ years of experience in cybersecurity engineering, with a focus on product development and risk management
Proven experience leading security design and architecture reviews for complex, embedded medical devices or similar technologies
Demonstrated track record of creating and executing security risk assessments and mitigation strategies
In-depth understanding of cybersecurity frameworks (e.g., NIST Cybersecurity Framework)
Understanding of privacy regulations (HIPAA, GDPR) and their intersection with medical device cybersecurity
Strong leadership, decision-making, and team-building capabilities
Excellent written and verbal communication skills for interfacing with technical teams, stakeholders, and executive leadership
Ability to work collaboratively across multidisciplinary teams, bridging gaps between technical, regulatory, and business functions

Preferred

5+ years of experience working in the medical device industry or a similarly regulated environment; security architecture or medical device administration experience in healthcare settings is also a plus
Hands-on experience with secure coding practices, vulnerability scanning tools, fuzzing, and penetration testing methodologies
Knowledge of embedded systems security, wireless communications, network protocols, and PKI
Familiarity with FDA regulations and guidance documents for medical devices (e.g., 21 CFR Part 820)
Working knowledge of SW96/TIR57/TIR97, IEC 62304 (software lifecycle), IEC 60601 (electrical safety), and ISO 14971 (risk management)
Experience supporting VA Handbook 6500 compliance and ISO/IEC 27001 certification
Relevant certifications (e.g., GIAC, OffSec, CISSP, CISM, CRISC) are a plus

Company

Boston Scientific

Boston Scientific is a medical technology company that designs and develops medical devices to diagnose and treat a wide range of conditions.

H1B Sponsorship

Boston Scientific has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (114)
2024 (106)
2023 (93)
2022 (140)
2021 (111)
2020 (97)

Funding

Current Stage
Public Company
Total Funding
$10.02B
2025-02-21 · Post-IPO Debt · $1.58B
2024-02-22 · Post-IPO Debt · $2.17B
2022-03-04 · Post-IPO Debt · $3.28B

Leadership Team

Michael Mahoney
Chairman, President & CEO
Daniel J. Brennan
Chief Financial Officer
Company data provided by Crunchbase