Overview
Remote
To define
Full Time
Skills
Product Design
Healthcare Information Technology
Artificial Intelligence
Product Development
SCADA
Pharmaceutics
Computer Hardware
Leadership
CISSP
OSCP
RTOS
OWASP
Threat Modeling
Continuous Integration
Continuous Delivery
Workflow
C
C++
Python
Robotics
Machine Learning (ML)
Computer Vision
HL7
PACS
FPGA
Network
Innovation
Collaboration
Security Architecture
Design Controls
Security QA
Testing
Technical Support
Product Management
Marketing
Training
Sales Process
Regulatory Compliance
Privacy
SAP BASIS
Software Development
Software Security
ISO 9000
Medical Devices
Project Management
Communication
Risk Management
Web Application Security
Embedded Systems
IoT
Real-time
Operating Systems
Firmware
RFID
Wireless Communication
Bluetooth
SAP LE
Mechanical Engineering
Biomedicine
Electrical Engineering
Software Engineering
Computer Science
Information Security
Cyber Security
Insurance
Job Details
Arthrex, Inc. is a global medical device company and a leader in new product development and medical education. We are a privately held company that strives to accomplish our corporate mission of Helping Surgeons Treat Their Patients Better . We are committed to delivering uncompromising quality to the health care professionals who use our products, and ultimately, the millions of patients whose lives we impact.
Arthrex Benefits
Medical, Dental and Vision Insurance
Company-Provided Life Insurance
Voluntary Life Insurance
Flexible Spending Account (FSA)
Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
Matching 401(k) Retirement Plan
Annual Bonus
Wellness Incentive Program
Free, Onsite Medical Clinics
Free Lunch
Tuition Reimbursement Program
Trip of a Lifetime
Paid Parental Leave
Paid Time Off
Volunteer PTO
Employee Assistance Provider (EAP)
Please note, most benefits are for regular, full time employees.
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.
Position: Senior Embedded Product Security Engineer
Location: Santa Barbara, CA and REMOTE/HYBRID, preference for a candidate located in the PST time zone.
Secure the Future of Healthcare One Device at a Time.
At Arthrex, we re not just building medical devices we re shaping the future of healthcare. Our mission is simple yet powerful: Helping Surgeons Treat Their Patients Better . Now, we re looking for a visionary engineer to help us secure the next generation of connected and IoT medical technology.
If you thrive on solving complex security challenges and want your work to make a real impact on lives worldwide, this is your moment.
------------------------------------------
Why This Role Matters
As our Sr. Embedded Product Security Engineer, you ll be a guardian of innovation ensuring every device we create is secure, resilient, and trusted. You ll collaborate with elite product design teams, dive deep into architecture reviews, and lead the charge in vulnerability testing. Your expertise will shape global regulatory submissions and protect cutting-edge and legacy medical technology.
------------------------------------------
What You ll Do
* Lead and take ownership of product security across a product line.
* Architect security solutions for embedded systems and IoT devices.
* Drive security initiatives for advanced technologies - including robotics and AI / Machine Learning driven systems.
* Hunt vulnerabilities, assess risk, and design countermeasures that keep attackers at bay.
* Drive Security-by-Design and Privacy-by-Design principles across development.
* Work closely with Legal, Compliance, Regulatory, and Enterprise IT to align product security with international regulations and organizational policies.
* Represent Arthrex at premier security events like DEF CON, Black Hat, and Health-ISAC Conferences.
* Document and champion our Secure Product Development Framework.
------------------------------------------
What You Bring
* Experience: 5+ years in cybersecurity-focused positions spanning software engineering, IoT and SCADA environments, regulated industries (medical device/pharma), or hardware security testing.
* Education: Bachelor s in Software Engineering, Computer Science, Software focused-Cybersecurity, or related field.
* Leadership & Ownership: A proven track record of leading and owning security for products, influencing design decisions and guiding teams through the full product lifecycle from concept to global launch.
* Ensuring Security in a Dynamic, Evolving Landscape: Embrace change and ambiguity as opportunities, ensuring security remains a constant in an environment of rapid innovation.
* Strategic Mindset: Ability to embed security into every phase of development, ensuring compliance, resilience, and innovation.
* Bonus Certifications: CISSP, OSCP, OSWE, CSSLP, GIAC.
* Technical Skills:
* Securing Embedded systems, firmware, real-time OS (RTOS), IoT lifecycle
* Proficiency in advanced application security methodologies (OWASP Top 10, MITRE CWEs and ATT&CK)
* Architecture design, threat modeling, and vulnerability mitigations.
* Demonstrated experience in SBOMs and third-party software risk management, coupled with building automated CI/CD workflows for embedded systems in C/C++ and Python
* Bonus Skills: Yocto Project, FDA/ISO guidelines, Robotics, Machine Learning, Computer Vision, HL7, PACS, FPGA
------------------------------------------
Why You ll Love It
* Work on technology designed to improve patient outcomes and enhance quality of life.
* Experience the stability and vision of a privately held organization with global reach.
* Access world-class training and certifications.
* Network with the best minds in medical device cybersecurity and compliance.
* Be part of a culture that values innovation, collaboration, speed, and impact.
------------------------------------------
Ready to secure the future of healthcare?
Apply now and become the force that keeps our technology and our patients safe.
Essential Duties and Responsibilities:
* Designs security architecture of components or functional systems and modifies existing designs to develop or improve products.
* Recommends alterations to development and design to improve the security of products and/or procedures.
* Contributes to a broader design perspective and considers how an application interacts with the underlying infrastructure or external resources.
* Develops threat scenarios and designs responses for associated vulnerabilities to mitigate risk.
* Maintains design history file for assigned projects, adhering to Arthrex design control procedures.
* Determines the necessity of security testing and initiates testing of assigned products.
* Provides Regulatory department technical support for assigned projects as needed.
* Supports Marketing and Product Management with technical information to be used for training and marketing of assigned products.
* Supports Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
* Supports surgeon and distributor customers in the sales process by educating and demonstrating security-focused aspects of assigned products as needed.
* Partner with Legal, Compliance, Privacy, and Information Security departments to ensure products and staff comply with required laws, regulations, and policies.
* Reports progress and status of assigned projects on a timely basis.
* May be required to travel; International travel may be required
Skills:
* Knowledgeable of System and Software Development Processes and Lifecycles required.
* Knowledgeable of application security best practices required.
* Yocto project knowledge and embedded development processes preferred.
* Knowledgeable of FDA and ISO guidelines for the development of medical devices preferred.
* Project management and communication skills preferred
* Proficiency in the use of threat scenarios and risk mitigation techniques preferred.
* Experience in web application security and controls concepts preferred..
* Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred.
Education/ Experience:
* 5 years of related experience
Bachelor s degree required preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity
Arthrex Benefits
* Medical, Dental and Vision Insurance
* Company-Provided Life Insurance
* Voluntary Life Insurance
* Flexible Spending Account (FSA)
* Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
* Matching 401(k) Retirement Plan
* Annual Bonus
* Wellness Incentive Program
* Gym Reimbursement Program
* Tuition Reimbursement Program
* Trip of a Lifetime
* Paid Parental Leave
* Paid Time Off
* Volunteer PTO
* Employee Assistance Provider (EAP)
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.
Arthrex Benefits
Medical, Dental and Vision Insurance
Company-Provided Life Insurance
Voluntary Life Insurance
Flexible Spending Account (FSA)
Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
Matching 401(k) Retirement Plan
Annual Bonus
Wellness Incentive Program
Free, Onsite Medical Clinics
Free Lunch
Tuition Reimbursement Program
Trip of a Lifetime
Paid Parental Leave
Paid Time Off
Volunteer PTO
Employee Assistance Provider (EAP)
Please note, most benefits are for regular, full time employees.
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.
Position: Senior Embedded Product Security Engineer
Location: Santa Barbara, CA and REMOTE/HYBRID, preference for a candidate located in the PST time zone.
Secure the Future of Healthcare One Device at a Time.
At Arthrex, we re not just building medical devices we re shaping the future of healthcare. Our mission is simple yet powerful: Helping Surgeons Treat Their Patients Better . Now, we re looking for a visionary engineer to help us secure the next generation of connected and IoT medical technology.
If you thrive on solving complex security challenges and want your work to make a real impact on lives worldwide, this is your moment.
------------------------------------------
Why This Role Matters
As our Sr. Embedded Product Security Engineer, you ll be a guardian of innovation ensuring every device we create is secure, resilient, and trusted. You ll collaborate with elite product design teams, dive deep into architecture reviews, and lead the charge in vulnerability testing. Your expertise will shape global regulatory submissions and protect cutting-edge and legacy medical technology.
------------------------------------------
What You ll Do
* Lead and take ownership of product security across a product line.
* Architect security solutions for embedded systems and IoT devices.
* Drive security initiatives for advanced technologies - including robotics and AI / Machine Learning driven systems.
* Hunt vulnerabilities, assess risk, and design countermeasures that keep attackers at bay.
* Drive Security-by-Design and Privacy-by-Design principles across development.
* Work closely with Legal, Compliance, Regulatory, and Enterprise IT to align product security with international regulations and organizational policies.
* Represent Arthrex at premier security events like DEF CON, Black Hat, and Health-ISAC Conferences.
* Document and champion our Secure Product Development Framework.
------------------------------------------
What You Bring
* Experience: 5+ years in cybersecurity-focused positions spanning software engineering, IoT and SCADA environments, regulated industries (medical device/pharma), or hardware security testing.
* Education: Bachelor s in Software Engineering, Computer Science, Software focused-Cybersecurity, or related field.
* Leadership & Ownership: A proven track record of leading and owning security for products, influencing design decisions and guiding teams through the full product lifecycle from concept to global launch.
* Ensuring Security in a Dynamic, Evolving Landscape: Embrace change and ambiguity as opportunities, ensuring security remains a constant in an environment of rapid innovation.
* Strategic Mindset: Ability to embed security into every phase of development, ensuring compliance, resilience, and innovation.
* Bonus Certifications: CISSP, OSCP, OSWE, CSSLP, GIAC.
* Technical Skills:
* Securing Embedded systems, firmware, real-time OS (RTOS), IoT lifecycle
* Proficiency in advanced application security methodologies (OWASP Top 10, MITRE CWEs and ATT&CK)
* Architecture design, threat modeling, and vulnerability mitigations.
* Demonstrated experience in SBOMs and third-party software risk management, coupled with building automated CI/CD workflows for embedded systems in C/C++ and Python
* Bonus Skills: Yocto Project, FDA/ISO guidelines, Robotics, Machine Learning, Computer Vision, HL7, PACS, FPGA
------------------------------------------
Why You ll Love It
* Work on technology designed to improve patient outcomes and enhance quality of life.
* Experience the stability and vision of a privately held organization with global reach.
* Access world-class training and certifications.
* Network with the best minds in medical device cybersecurity and compliance.
* Be part of a culture that values innovation, collaboration, speed, and impact.
------------------------------------------
Ready to secure the future of healthcare?
Apply now and become the force that keeps our technology and our patients safe.
Essential Duties and Responsibilities:
* Designs security architecture of components or functional systems and modifies existing designs to develop or improve products.
* Recommends alterations to development and design to improve the security of products and/or procedures.
* Contributes to a broader design perspective and considers how an application interacts with the underlying infrastructure or external resources.
* Develops threat scenarios and designs responses for associated vulnerabilities to mitigate risk.
* Maintains design history file for assigned projects, adhering to Arthrex design control procedures.
* Determines the necessity of security testing and initiates testing of assigned products.
* Provides Regulatory department technical support for assigned projects as needed.
* Supports Marketing and Product Management with technical information to be used for training and marketing of assigned products.
* Supports Software Engineering to design and develop components, processes, and training using Security-by-Design and Privacy-by-Design principles.
* Supports surgeon and distributor customers in the sales process by educating and demonstrating security-focused aspects of assigned products as needed.
* Partner with Legal, Compliance, Privacy, and Information Security departments to ensure products and staff comply with required laws, regulations, and policies.
* Reports progress and status of assigned projects on a timely basis.
* May be required to travel; International travel may be required
Skills:
* Knowledgeable of System and Software Development Processes and Lifecycles required.
* Knowledgeable of application security best practices required.
* Yocto project knowledge and embedded development processes preferred.
* Knowledgeable of FDA and ISO guidelines for the development of medical devices preferred.
* Project management and communication skills preferred
* Proficiency in the use of threat scenarios and risk mitigation techniques preferred.
* Experience in web application security and controls concepts preferred..
* Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred.
Education/ Experience:
* 5 years of related experience
Bachelor s degree required preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering), Computer Science, Information Security, or Cybersecurity
Arthrex Benefits
* Medical, Dental and Vision Insurance
* Company-Provided Life Insurance
* Voluntary Life Insurance
* Flexible Spending Account (FSA)
* Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
* Matching 401(k) Retirement Plan
* Annual Bonus
* Wellness Incentive Program
* Gym Reimbursement Program
* Tuition Reimbursement Program
* Trip of a Lifetime
* Paid Parental Leave
* Paid Time Off
* Volunteer PTO
* Employee Assistance Provider (EAP)
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other status protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.