SIGN IN
Principal Cybersecurity Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Boston Scientific · 14 hours ago

Principal Cybersecurity Engineer

positionUS-MA-Marlborough
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
money$102K/yr - $194K/yr
date9+ years exp
Boston Scientific is a leader in medical science, and they are seeking a Principal Cybersecurity Engineer to guide the cybersecurity strategy throughout the product lifecycle. The role involves ensuring compliance with relevant standards and regulations while collaborating with product development teams to embed security controls throughout the design and development phases.
Health CareMedicalMedical Device
check
H1B Sponsor Likelynote

Responsibilities

Lead threat modeling using STRIDE and security risk assessments, identifying, and evaluating potential threats and safety issues
Elicit and define product security needs and requirements; define product security architectures and design specifications, and verification and validation strategies
Stay current with emerging regulations and standards related to medical device security (e.g., FDA Premarket Guidance, Post-market Cybersecurity Guidance, TIR 57)
Collaborate with product development teams to embed security controls throughout the design, development, and maintenance phases
Establish best practices and processes for secure coding, configuration management, and patching
Develop and implement risk mitigation strategies and maintain risk management documentation
Oversee and enhance incident response plans and processes, ensuring rapid and effective resolution of security incidents
Drive continuous improvement of vulnerability management, including the evaluation and deployment of necessary patches or updates
Collaborate closely with internal stakeholders (Software Development, Quality, Regulatory, IT) to align security goals and requirements
Model resiliency and show leadership by presenting topics to the Security Champions program

Qualification

Cybersecurity engineeringSecurity design reviewsRisk assessmentsCybersecurity frameworksMedical device experienceWindows IoT securityIoT cloud deploymentsSecure coding practicesVulnerability managementRegulatory complianceContinuous improvementCommunicationCollaborative teamworkLeadership skillsProblem-solving

Required

Bachelor's or master's degree in Cybersecurity, Computer Science, Computer Engineering, or a related field
9+ years of experience in cybersecurity engineering, with a recent focus on product security as it extends to the IoT cloud
Proven experience leading security design and architecture reviews for complex, embedded medical devices or similar technologies
Demonstrated history of creating and executing security risk assessments and mitigation strategies
In-depth understanding of cybersecurity frameworks (e.g., NIST Cybersecurity Framework) including best practices for defense in depth
Excellent written and verbal communication skills for interfacing technical teams, stakeholders, and executive leadership
Ability to work collaboratively across multidisciplinary teams, bridging gaps between technical, regulatory, and business functions

Preferred

5+ years of experience working in the medical device industry or a similarly regulated environment; security architecture or medical device administration experience in healthcare settings is also a plus
Development experience in securing Windows IoT, Android, or Yocto Linux
Deep knowledge of the deployment environment for medical devices into health delivery organizations, including Active Directory (AD) or Single Sign On (SSO) integrations
Hands-on experience with IoT cloud deployments such as Azure or AWS
Experience writing code, with secure coding practices, vulnerability scanning tools, and penetration testing methodologies
Knowledge of embedded systems security, wireless communications, network protocols, and PKI
Experience supporting VA Handbook 6500 compliance, ISO/IEC 27001 certification
Relevant certifications (e.g., GIAC, CISM, CRISC) are a plus
Experience with vulnerability and risk assessments including use of CVSS

Benefits

Compensation may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).
Compensation may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).

Company

Boston Scientific

twittertwittertwitter
Glassdoor4.2
company-logo
Boston Scientific is a medical technology company that designs and develops medical devices to diagnose and treat a wide range of condition.
dateFounded in 1979
location
Marlborough, Massachusetts, USA
people-size10001+ employees
web-link
http://www.bostonscientific.com

H1B Sponsorship

Boston Scientific has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (114)
2024 (106)
2023 (93)
2022 (140)
2021 (111)
2020 (97)

Funding

Current Stage
Public Company
Total Funding
$10.01B
2025-02-21Post Ipo Debt· $1.57B
2024-02-22Post Ipo Debt· $2.17B
2022-03-04Post Ipo Debt· $3.28B

Leadership Team

leader-logo
Michael Mahoney
Chairman, President & CEO
linkedin
leader-logo
Daniel J. Brennan
Chief Financial Officer
linkedin

Recent News

Star Tribune
Watch for these Super Bowl ads made by Minneapolis agencies
2026-02-06
PR Newswire
13 Top Press Releases from January
2026-02-06
WSJ.com: US Business
Boston Scientific Profit, Sales Rise but Issues Soft Guidance
2026-02-05
Company data provided by crunchbase