Hybrid Principal Software Cybersecurity Engineer - Andover, MA

• Join a medical device company truly making a difference
• Excellent base salary & bonus on offer
  
  

About Our Client

The company is a commercial-stage publicly traded medical technology company transforming organ transplant therapy for patients worldwide.

Job Description

The suitable Principal Software Cybersecurity Engineer's responsibilities will include but not be limited to:

• Work with relevant stakeholders to determine customer needs for secure embedded and digital software application
• Elicitate cybersecurity software requirements to support customer need
• Perform end-to-end system security risk analysis activitie
• Perform threat modeling, vulnerability assessments, pen tests, and static/dynamic analysis (SAST/DAST
• Ensure regulatory compliance with FDA pre-market/post-market guidelines, NIST SP 800-series, IEC 62304, and ISO 1497
• Implement cryptographic controls, secure boot, authentication, and hardened operating system
• Create software requirement specs, risk assessments, and secure architecture design
• Manage Software Bill of Materials (SBOM) to analyze third-party component risk
• Support patching and remediation of security vulnerabilities on connected device
• Participate in cybersecurity assessment and ensure a secure architecture and desig
• Develop and maintain software development procedures per regulatory standards, e.g., FDA guidance, IEC 62304
• Support quality audits and the development of FDA submissions
  
  

MPI does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, marital status, or based on an individual's status in any group or class protected by applicable federal, state or local law. MPI encourages applications from minorities, women, the disabled, protected veterans and all other qualified applicants.

The Successful Applicant

The suitable Principal Software Cybersecurity Engineer will have:

• BS/MS in Computer Science, Computer Engineering, or equivalent combination of education and experience.
• 10 years of related experience in real-time embedded software, digital clinical software, medical device development, or product cybersecurity.
• Experience in implementing security controls and features in firmware and embedded software, such as secure boot, cryptographic services, and secure data storage.
• Experience in implementing protections for sensitive data stored on or transmitted by embedded devices.
• Experience in implementing digital signatures to verify the authenticity and integrity of data.
• Experience in applying secure hashing and generating and managing cryptographic keys.
• Experience in employing secure communication protocols like TLS/SSL.
• Experience in medical device security risk assessment, evaluation, and control.
• Experience in preparing and maintaining SBOM
• Knowledge of relevant cybersecurity regulations and guidelines (FDA pre-market and post-market guidance, section 2.4b CFR, IEC 81001-5-1, IEC 62443-4-1, JSP 2.0).
• Knowledge of cybersecurity relevant methods and tools (threat modeling, STRIDE, static/dynamic code analysis, system hardening, penetration testing, etc.).
  
  

What's On Offer

Compensation details for the Principal Software Cybersecurity Engineer include:

• A fantastic base salary depending on experience
• Annual Bonus Target
• Generous PTO
• Hybrid work schedule
• Matching 401k Plan
  
  

Contact

Joshua Kerslake

Quote job ref

JN-994