Senior Product Security Engineer (Medical Devices)

Trident Consulting is seeking a " Product Security Engineer (Medical Devices)" for one of our clients in " Burlington, MA (Hybrid)". A leading organization services

Senior Product Security Engineer (Medical Devices)

Location: Burlington, MA (Hybrid)

Type: Full-Time / Direct Hire

About the Role

• We are seeking a Senior Product Security Engineer to join our team in Burlington, MA. This is a highly technical, hands-on role focused on securing embedded medical devices across the full product lifecycle.
• You will play a key role in designing and implementing security architecture, working closely with firmware, software, and systems engineering teams to ensure products are secure by design and aligned with regulatory expectations.
• This position sits within the broader GRC organization but operates as a deeply technical product security function, bridging engineering, security, and compliance.

Key Responsibilities

• Security Architecture & Design
• Design and define security architecture for embedded and connected medical devices
• Lead secure-by-design initiatives, including threat modeling and risk mitigation
• Develop and review security solutions for authentication, encryption, secure communications, and data protection
• Partner with engineering teams to embed security into the product lifecycle
• Product & Embedded Security
• Work closely with firmware and software teams to improve security of device components and interfaces
• Support OS and platform hardening (Windows/Linux-based systems)
• Ensure secure update mechanisms, integrity validation, and secure configurations
• Penetration Testing & Validation
• Manage and coordinate third-party penetration testing engagements
• Define testing scope, review findings, and drive remediation efforts
• Ensure security validation throughout design, development, and pre-market stages
• Vulnerability Management
• Lead identification, tracking, and remediation of vulnerabilities across products
• Coordinate cross-functional response to security issues and disclosures
• Monitor third-party component risks and dependencies
• Process & SOP Development
• Develop and implement security processes, standards, and SOPs
• Help mature the organization s product security program
• Ensure alignment with regulatory and internal security expectations

Required Qualifications

• 7+ years of experience in cybersecurity, product security, or software engineering
• Strong experience in medical device security (REQUIRED)
• Proven background in security architecture and secure design for embedded or connected systems
• Experience working with cross-functional engineering teams (firmware, software, systems)
• Hands-on involvement in threat modeling, vulnerability management, and security testing
• Experience managing or working with third-party penetration testing vendors

Preferred Qualifications

• Experience in regulated environments (FDA, healthcare, or similar)
• Knowledge of standards such as ISO 14971, IEC 81001-5-1, NIST, or similar frameworks
• Background in embedded systems, IoT, or device-level security
• Experience building or improving security processes and SOPs

What Makes This Role Unique

• High-impact role shaping security architecture for real-world medical devices
• Opportunity to work at the intersection of engineering, security, and regulatory compliance
• Direct influence on product security strategy and implementation
• Collaborative, cross-functional environment with strong engineering partnership

Work Environment

• Hybrid role based in Burlington, MA
• Direct hire position with long-term growth potential