Product Security Engineer (Medical Devices & Embedded Systems)
• Posted 60+ days ago • Updated 4 minutes agoFull Time
$DOE
Rishabh Software Pvt. Ltd
Fitment
Dice Job Match Score™
✨ Finding the perfect fit...
Job Details
Skills
- Medical Device
- Threat Modeling
- SBOM
Summary
Job Title: Product Security Engineer (Medical Devices & Embedded Systems)
Location: Remote
Duration: 02/24/2025 to 12/31/2025
Location: Remote
Duration: 02/24/2025 to 12/31/2025
The Challenge:
The Product Security Engineer will drive the implementation of enterprise Product Security strategy within the orthopedics portfolio. This role involves enhancing security processes, collaborating across teams, developing security metrics, and promoting security awareness. Key responsibilities include:
The Product Security Engineer will drive the implementation of enterprise Product Security strategy within the orthopedics portfolio. This role involves enhancing security processes, collaborating across teams, developing security metrics, and promoting security awareness. Key responsibilities include:
Supporting new product development by reviewing security requirements and recommending secure design solutions.
Conducting threat modeling, penetration testing, software architecture reviews, and secure code analysis.
Managing post-market security activities, including vulnerability monitoring, patching, and compliance with contractual security requirements.
Conducting threat modeling, penetration testing, software architecture reviews, and secure code analysis.
Managing post-market security activities, including vulnerability monitoring, patching, and compliance with contractual security requirements.
Roles & Responsibilities:
Product Security Strategy: Contribute to the global Product Security Framework and ensure embedded medical devices meet the highest security standards.
Process Improvement & Collaboration: Work with engineering, product management, and compliance teams to enhance security policies for medical device development and support.
Metrics & Reporting: Develop and present security metrics to senior management, providing insights into security posture and progress.
Governance & Compliance: Ensure security measures align with regulatory requirements (FDA, 510k) and industry best practices.
Vulnerability Management & Remediation: Identify, prioritize, and assist in remediating vulnerabilities across the product portfolio.
Threat Modeling & Risk Assessments: Conduct due diligence, threat modeling, and risk assessments for both new and existing products.
Secure Software Development: Guide teams on secure coding practices, code reviews, and best practices for embedded systems security.
Customer & Vendor Security Compliance: Address security-related inquiries, contractual requirements, and compliance standards.
Security Awareness & Training: Lead security awareness initiatives and training sessions within the organization.
Post-Market Security Monitoring: Track and respond to new vulnerabilities in marketed devices, assisting with remediation and patching efforts.
Product Security Strategy: Contribute to the global Product Security Framework and ensure embedded medical devices meet the highest security standards.
Process Improvement & Collaboration: Work with engineering, product management, and compliance teams to enhance security policies for medical device development and support.
Metrics & Reporting: Develop and present security metrics to senior management, providing insights into security posture and progress.
Governance & Compliance: Ensure security measures align with regulatory requirements (FDA, 510k) and industry best practices.
Vulnerability Management & Remediation: Identify, prioritize, and assist in remediating vulnerabilities across the product portfolio.
Threat Modeling & Risk Assessments: Conduct due diligence, threat modeling, and risk assessments for both new and existing products.
Secure Software Development: Guide teams on secure coding practices, code reviews, and best practices for embedded systems security.
Customer & Vendor Security Compliance: Address security-related inquiries, contractual requirements, and compliance standards.
Security Awareness & Training: Lead security awareness initiatives and training sessions within the organization.
Post-Market Security Monitoring: Track and respond to new vulnerabilities in marketed devices, assisting with remediation and patching efforts.
Essential Skills & Qualifications:
Education: Bachelor's degree in Computer Science, Engineering, or a related field (MS preferred).
Experience: Minimum 6 years in security and/or embedded software engineering, preferably in regulated industries (medical devices is a plus).
Education: Bachelor's degree in Computer Science, Engineering, or a related field (MS preferred).
Experience: Minimum 6 years in security and/or embedded software engineering, preferably in regulated industries (medical devices is a plus).
Technical Skills:
o Expertise in real-time operating systems (e.g., QNX, Linux, Windows Embedded) and security hardening.
o Strong understanding of embedded systems security, secure software development, and vulnerability management.
o Experience with penetration testing, threat modeling, and security risk assessments.
o Proficiency in C, C++, C# with secure coding practices and code review experience.
o Familiarity with Software Bill of Materials (SBOM) and compliance implications.
o Expertise in real-time operating systems (e.g., QNX, Linux, Windows Embedded) and security hardening.
o Strong understanding of embedded systems security, secure software development, and vulnerability management.
o Experience with penetration testing, threat modeling, and security risk assessments.
o Proficiency in C, C++, C# with secure coding practices and code review experience.
o Familiarity with Software Bill of Materials (SBOM) and compliance implications.
Security & Regulatory Expertise:
o Knowledge of medical device security requirements, including FDA regulations, 510k submissions, and Quality Design Control.
o Experience with risk management frameworks and vulnerability remediation for medical devices.
o Knowledge of medical device security requirements, including FDA regulations, 510k submissions, and Quality Design Control.
o Experience with risk management frameworks and vulnerability remediation for medical devices.
Communication & Leadership:
o Strong collaboration skills with the ability to convey complex security concepts to non-technical stakeholders.
o Ability to influence cross-functional teams and drive security initiatives.
o Experience in developing and presenting security reports to senior management.
o Strong collaboration skills with the ability to convey complex security concepts to non-technical stakeholders.
o Ability to influence cross-functional teams and drive security initiatives.
o Experience in developing and presenting security reports to senior management.
Preferred Certifications (Not Required):
o CISSP, CEH, MCSD, CSSLP or similar security certifications.
o CISSP, CEH, MCSD, CSSLP or similar security certifications.
Additional Skills:
o Knowledge of cloud-based IoT security is a plus.
o Strong problem-solving and strategic thinking abilities.
o Knowledge of cloud-based IoT security is a plus.
o Strong problem-solving and strategic thinking abilities.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 10120850
- Position Id: 2025-29260
- Posted 30+ days ago
Company Info
About Rishabh Software Pvt. Ltd
Established in 2000 by Mr. & Mrs. Raju Shah, Rishabh Software began with a vision to deliver exceptional values to our global clients. For over 25 years of experience, we’ve helped businesses across 25+ countries build agile, customer-centric foundations with a focus on trust, transparency, and long-term value.
With a workforce of 800+ professionals across 08 locations, we have successfully delivered 1400+ solutions. Rishabh has diverse business interests in the areas of engineering, IT, Education, BPO, and emerging innovation-led technology businesses. With offices across India—Vadodara (HQ), Ahmedabad, Pune, Hyderabad, and Bengaluru—and a strong presence in the U.S., U.K., and Australia, we help you reimagine your business through a digital lens.
At Rishabh Software, “WE CARE” about empowering our clients to achieve their goals and unlock new growth opportunities.
Create job alert
Never miss an opportunity! Create an alert based on the job you applied for.Similar Jobs
It looks like there aren't any Similar Jobs for this job yet.
Search all similar jobs