Apply on Employer Site

Boston Scientific · 2 days ago

Senior Cyber Security Engineer

Arden Hills, MN

Full-time

Onsite

Mid, Senior Level

$83K/yr - $157K/yr

5+ years exp

Boston Scientific is a leader in medical science, and they are seeking a Senior Cyber Security Engineer to lead and support critical post-market cybersecurity activities within the Cardiac Rhythm Management R&D organization. This role focuses on operationalizing security processes and ensuring compliance with quality systems while maintaining the security posture of the company’s products and applications.

Health CareMedicalMedical Device

No H1B

Responsibilities

Support and manage applicable tools for pre and post market security testing, support integration of the tools into the quality processes

Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks

Monitor changes in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders

Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts

Support, as needed, security risk assessment and threat modelling services for CRM products businesses and product development life cycle

Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software

Qualification

CybersecurityVulnerability analysisThreat modelingPenetration testingCybersecurity certificationsWindows OSLinux OSApplication securityCommunication skillsCollaborationDrive for learning

Required

Bachelor's degree or higher

5+ years of Research & Development or Information Technology experience, preferably in cybersecurity roles in medical device development or health care organizations

Drive for learning cybersecurity and a passion for securing products

Experience with vulnerability analysis of Windows and Linux operating systems as well as software

Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android)

General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards

Preferred

Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus

Benefits

Compensation may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

Compensation for exempt, non-sales roles may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).