Senior Product Security Architect Medical Device

Immediate need for a talented Senior Product Security Architect Medical Device. This is a 08+months contract opportunity with long-term potential and is located in San Diego/Orange County, CA area(Remote). Please review the job description below and contact me ASAP if you are interested.

Job ID: 26-11974

Pay Range: $85/hr - $90/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision).

Key Responsibilities:

• Security Architecture & Design
• Define end-to-end security architecture across devices, apps, and cloud
• Establish baseline security patterns (auth, encryption, secure updates)
• Conduct Threat Modeling, Risk Assessments, Requirements/Controls Mapping, Security White Papers
• Lead and Drive Security Design Reviews & Roadmap Remediations/Mitigations
• Secure SDLC
• Implement lean Secure SDLC aligned to NIST, OWASP, and BSIMM
• Integrate SAST, SCA, secrets scanning, container/IaC scanning
• Define minimum viable security gates
• Regulatory & Compliance
• Support FDA cybersecurity documentation (threat models, SBOMs, risk assessments)
• Align with IEC 62304, ISO 14971
• Ensure audit-ready documentation
• Cloud Security
• Architect secure integrations with BD s Cloud Platforms
• Secure device-to-cloud data flows
• SBOM & Vulnerability Management
• Establish SBOM processes (SPDX, CycloneDX)
• Implement continuous vulnerability monitoring
• Define risk-based remediation SLAs
• Cross-Functional Leadership
• Collaborate with engineering, quality, regulatory, and product teams
• Translate security into patient safety and business risk
• Mentor teams
• Role Focus
• Apply risk-proportionate security controls
• Emphasize secure-by-design and secure-by-default
• Enable efficient FDA submissions (510(k), De Novo)
• Balance usability, workflow, and security

Key Requirements and Technology Experience:

• 10+ years cybersecurity experience
• Experience with FDA Class I/II devices
• Knowledge of embedded, cloud, and application security
• Familiarity with FDA submissions
• Experience with IoMT ecosystems
• Knowledge of FDA Cybersecurity Pre & Post Market Guidance, UL 2900, AAMI TIR57/TIR97
• DevSecOps experience
• Certifications (CISSP, CCSP, CSSLP)
• Ability to right-size security controls
• Strong risk-based decision-making
• Communication across technical and non-technical teams
• SBOM completeness
• Reduction in critical vulnerabilities
• FDA submission success
• Time-to-remediate vulnerabilities

Our client is a leading Medical DeviceIndustry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration.

Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from Pyramid Consulting, Inc. and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy .