TC
Product Cybersecurity Engineer- – Healthcare Devices
Trident Consulting
Burlington · Hybrid Full-time Lead $150k – $160k/yr 1mo ago
About the role
About the Role
We are seeking a Lead Product Security to join our team in Burlington, MA. This is a highly technical, hands-on role focused on securing embedded medical devices across the full product lifecycle.
You will play a key role in designing and implementing security architecture, working closely with firmware, software, and systems engineering teams to ensure products are secure by design and aligned with regulatory expectations.
This position sits within the broader GRC organization but operates as a deeply technical product security function, bridging engineering, security, and compliance.
Key Responsibilities
Security Architecture & Design
- Design and define security architecture for embedded and connected medical devices
- Lead secure-by-design initiatives, including threat modeling and risk mitigation
- Develop and review security solutions for authentication, encryption, secure communications, and data protection
- Partner with engineering teams to embed security into the product lifecycle
Product & Embedded Security
- Work closely with firmware and software teams to improve security of device components and interfaces
- Support OS and platform hardening (Windows/Linux-based systems)
- Ensure secure update mechanisms, integrity validation, and secure configurations
Penetration Testing & Validation
- Manage and coordinate third-party penetration testing engagements
- Define testing scope, review findings, and drive remediation efforts
- Ensure security validation throughout design, development, and pre-market stages
Vulnerability Management
- Lead identification, tracking, and remediation of vulnerabilities across products
- Coordinate cross-functional response to security issues and disclosures
- Monitor third-party component risks and dependencies
Process & SOP Development
- Develop and implement security processes, standards, and SOPs
- Help mature the organization’s product security program
- Ensure alignment with regulatory and internal security expectations
Required Qualifications
- 7+ years of experience in cybersecurity, product security, or software engineering
- Strong experience in medical device security (REQUIRED)
- Proven background in security architecture and secure design for embedded or connected systems
- Experience working with cross-functional engineering teams (firmware, software, systems)
- Hands-on involvement in threat modeling, vulnerability management, and security testing
- Experience managing or working with third-party penetration testing vendors
Preferred Qualifications
- Experience in regulated environments (FDA, healthcare, or similar)
- Knowledge of standards such as ISO 14971, IEC 81001-5-1, NIST, or similar frameworks
- Background in embedded systems, IoT, or device-level security
- Experience building or improving security processes and SOPs
What Makes This Role Unique
- High-impact role shaping security architecture for real-world medical devices
- Opportunity to work at the intersection of engineering, security, and regulatory compliance
- Direct influence on product security strategy and implementation
- Collaborative, cross-functional environment with strong engineering partnership
Skills
C++CCloudCybersecurityData ProtectionDevice SecurityEncryptionFDAFirmwareHealthcareIEC 81001-5-1Information SecurityIoTISO 14971LinuxMedical Device SecurityNISTPenetration TestingProduct SecurityRisk ManagementSecure DesignSoftware EngineeringThreat ModelingVulnerability ManagementWindows
Don't send a generic resume
Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.
Get started free