Product Security Engineer

Overview

Remote
$50 - $55
Contract - Independent
Contract - W2
Contract - 12 Month(s)

Skills

Cybersecurity in healthcare
Medical device security
Threat modeling
Security risk management
Regulatory compliance (FDA, HIPAA, GDPR)
SBOM creation
Vulnerability management
ISO 27001/SOC2/FedRAMP compliance
Secure software development lifecycle (SDLC)
Security documentation and reporting

Job Details

Title: Product Security Engineer
Location: Danvers, MA (Remote candidates considered)
Domain: Medical Device / Healthcare


Job Summary:

A leading innovator in medical devices is seeking experienced Product Security Engineers to join our growing team. This role is critical for ensuring the security of our medical products throughout their lifecycle, from pre-market development to post-market vulnerability management. Candidates must have prior cybersecurity experience in the medical device or healthcare domain.


Key Responsibilities:

  • Pre-Market Activities:

    • Develop and maintain security-related documentation for product development including:

      • Security Plans

      • Architecture Diagrams

      • Data Flow Diagrams

      • Threat Models

      • Security Requirements

      • Design for Security Concepts

      • Software Bill of Materials (SBOM)

      • Risk Management Documentation

  • Post-Market Activities:

    • Lead and track vulnerability management processes and remediation activities with strict adherence to defined timelines.

    • Drive incident response activities in coordination with cross-functional teams.

  • Compliance & Certification Support:

    • Contribute to and support certification processes including:

      • SOC2

      • FedRAMP

      • ISO 27001

      • Additional regulatory needs as applicable (e.g., FDA, HIPAA, GDPR)


Required Qualifications:

  • 5+ years of industry experience in Information Security.

  • Proven cybersecurity experience in medical device or healthcare domains (Mandatory).

  • Strong understanding of security risk management methodologies.

  • Familiarity with regulatory and compliance standards such as:

    • NIST Cybersecurity Framework

    • ISO 27001

    • SOC2

    • HIPAA

    • GDPR

  • Excellent organizational, time-management, and documentation skills.

  • Strong interpersonal and communication skills.

  • Bachelor's Degree in Computer Science, Information Security, Engineering, or related field.


Preferred Qualifications:

  • Experience working in a regulated environment, preferably FDA-regulated.

  • Exposure to secure product lifecycle development in embedded or cloud-connected devices.

  • Experience in handling security audits and product certifications.


Additional Notes:

  • This is a remote-friendly opportunity; however, preference may be given to candidates who can occasionally be onsite at Danvers, MA if needed.

  • The role requires a proactive, detail-oriented individual who can collaborate across multiple teams and functions with urgency and accountability.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.