Principal Cyber Security Engineer
Additional Location(s): US-MN-Arden Hills
Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance
At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.
About The Role
Boston Scientific is seeking a Product Cybersecurity Engineer to operationalize and support various post-market cybersecurity activities within the Cardiac Rhythm Management (CRM) Research and Development (R&D) organization. Responsibilities include understanding and documenting the security posture of the company’s products, applications and supporting infrastructure as well as compliance to the Quality systems and processes. The cybersecurity engineer will assist in implementing the individual CRM product cybersecurity plan.
The ideal candidate must have a combination of strong communication and technical skills in order to implement and support the functional and technical aspects of the cybersecurity plan and work collaboratively with a team of internal staff and consultants to execute its components.
As part of the CRM R&D organization, the engineer will work alongside a team of analysts, IT/R&D engineers and architects, supporting pre and post market product security activities, such as application security, vulnerability assessments, threat modeling, penetration testing, security analysis tools, hospital cybersecurity inquiries and contract reviews, among other areas.
Work model, sponsorship, relocation:
This role follows an onsite work model. Employees are expected to work from our Arden Hills, MN office at least four days per week. Boston Scientific will not offer sponsorship or take over sponsorship of an employment visa for this position. Relocation assistance is not available for this position.
Your Responsibilities Will Include
Required qualifications:
The anticipated annualized base amount or range for this full time position will be $ to $, plus variable compensation governed by the Sales Incentive Compensation Plan (which includes certain annual non-discretionary incentives based on predetermined objectives) as well as the value of core and optional benefits offered at BSC, which can be reviewed at www.bscbenefitsconnect.com. Actual compensation will be commensurate with demonstrable level of experience and training, pertinent education including licensure and certifications, and other relevant business or organizational needs.
For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.
Boston Scientific transforms lives through innovative medical technologies that improve the health of patients around the world. As a global medical technology leader for more than 45 years, we advance science for life by providing a broad range of high-performance solutions that address unmet patient needs and reduce the cost of healthcare. Our portfolio of devices and therapies helps physicians diagnose and treat complex cardiovascular, respiratory, digestive, oncological, neurological and urological diseases and conditions. Learn more at www.bostonscientific.com and follow us on LinkedIn.
Boston Scientific maintains a prohibited substance free workplace. Pursuant to Va. Code
Among other requirements, Boston Scientific maintains specific prohibited substance testing requirements for safety-sensitive positions. This role is deemed safety-sensitive and, as such, candidates will be subject to a drug test as a pre-employment requirement. The goal of the drug testing is to increase workplace safety in compliance with the applicable law.
Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance
At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.
About The Role
Boston Scientific is seeking a Product Cybersecurity Engineer to operationalize and support various post-market cybersecurity activities within the Cardiac Rhythm Management (CRM) Research and Development (R&D) organization. Responsibilities include understanding and documenting the security posture of the company’s products, applications and supporting infrastructure as well as compliance to the Quality systems and processes. The cybersecurity engineer will assist in implementing the individual CRM product cybersecurity plan.
The ideal candidate must have a combination of strong communication and technical skills in order to implement and support the functional and technical aspects of the cybersecurity plan and work collaboratively with a team of internal staff and consultants to execute its components.
As part of the CRM R&D organization, the engineer will work alongside a team of analysts, IT/R&D engineers and architects, supporting pre and post market product security activities, such as application security, vulnerability assessments, threat modeling, penetration testing, security analysis tools, hospital cybersecurity inquiries and contract reviews, among other areas.
Work model, sponsorship, relocation:
This role follows an onsite work model. Employees are expected to work from our Arden Hills, MN office at least four days per week. Boston Scientific will not offer sponsorship or take over sponsorship of an employment visa for this position. Relocation assistance is not available for this position.
Your Responsibilities Will Include
- Support and manage applicable tools for pre and post market security testing; support integration of the tools into the quality processes.
- Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
- Monitor for change in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders.
- Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
- Support, as needed, security risk assessment and threat modelling services for CRM products businesses and product development life cycle.
- Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.
Required qualifications:
- Bachelor’s degree or higher.
- 10+ years in Research & Development and/or Information Technology experience, preferably in cybersecurity roles in medical device development or health care organizations.
- Drive for learning cybersecurity and a passion for securing products.
- Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
- Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android).
- General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards.
- Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus.
The anticipated annualized base amount or range for this full time position will be $ to $, plus variable compensation governed by the Sales Incentive Compensation Plan (which includes certain annual non-discretionary incentives based on predetermined objectives) as well as the value of core and optional benefits offered at BSC, which can be reviewed at www.bscbenefitsconnect.com. Actual compensation will be commensurate with demonstrable level of experience and training, pertinent education including licensure and certifications, and other relevant business or organizational needs.
For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.
Boston Scientific transforms lives through innovative medical technologies that improve the health of patients around the world. As a global medical technology leader for more than 45 years, we advance science for life by providing a broad range of high-performance solutions that address unmet patient needs and reduce the cost of healthcare. Our portfolio of devices and therapies helps physicians diagnose and treat complex cardiovascular, respiratory, digestive, oncological, neurological and urological diseases and conditions. Learn more at www.bostonscientific.com and follow us on LinkedIn.
Boston Scientific maintains a prohibited substance free workplace. Pursuant to Va. Code
- 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.
Among other requirements, Boston Scientific maintains specific prohibited substance testing requirements for safety-sensitive positions. This role is deemed safety-sensitive and, as such, candidates will be subject to a drug test as a pre-employment requirement. The goal of the drug testing is to increase workplace safety in compliance with the applicable law.
Recommended Jobs
Cyber Security Incident Response Analyst
Posted 1 hour ago
Network (Security) engineer
Posted 1 hour ago
IT/OT Security and Compliance Engineer
Posted 2 hours ago
Security Controls Engineer
Posted 2 hours ago
Cyber Security Operations Analyst
Posted 2 hours ago