Principal Cybersecurity Engineer - Urology
Arden Hills, MN, US, 55112
Additional Location(s): US-MA-Marlborough; US-MN-Maple Grove
Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance
At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.
About the role:
Boston Scientific is seeking a product cybersecurity engineer whose primary responsibility is to operationalize and support various cybersecurity activities, including understanding and documenting the security posture of the company’s products, applications, and supporting infrastructure as well as compliance to the Quality systems and processes. The cybersecurity engineer will assist in implementing the individual product cybersecurity plan.
The candidate must have a combination of strong communication and technical skills in order to implement and support the functional and technical aspects of the cybersecurity plan and work collaboratively with a team of internal staff and consultants to execute its components.
This role is part of the Urology Research and Development (R&D) organization. Working alongside a team of analysts, IT/R&D engineers, and architects, this role will support pre and post market product security activities, such as application security, vulnerability assessments, threat modeling, penetration testing, security analysis tools, hospital cybersecurity inquiries and contract reviews, among other areas.
This role is open to remote candidates within the United States; however, candidates located within a commutable distance to Arden Hills/Maple Grove, MN, or Marlborough, MA, are required to follow a hybrid work schedule, with 3 days per week onsite.
Your responsibilities will include:
- Support and manage applicable tools for pre and post market security testing; support integration of the tools into the quality processes.
- Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
- Monitor for change in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders.
- Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
- Support, as needed, security risk assessment and threat modelling services for Urology products businesses and product development life cycle.
- Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.
Additional Requirements:
- Must be able to learn technical aspects of Boston Scientific’s products and related customer needs, and also influence "change of ways."
- Foster a diverse workplace that enables all participants to contribute to their full potential in pursuit of organizational objectives.
- May lead and control the activities in one or more functional areas, divisions, product groups, projects/programs and/or operations.
- Monitor and ensure compliance with company policies and procedures (e.g. federal/country and regulatory requirements).
Required Qualifications:
- Bachelor’s degree or higher
- 10+ years in Research & Development and/or Information Technology experience.
- Drive for learning cybersecurity and a passion for securing products.
- Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
- Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android).
- General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards.
Preferred Qualifications:
- Experience in cybersecurity roles in medical device development or health care organizations.
- Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus.
Requisition ID: 594543
As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.
So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!
At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve.
Boston Scientific Corporation has been and will continue to be an equal opportunity employer. To ensure full implementation of its equal employment policy, the Company will continue to take steps to assure that recruitment, hiring, assignment, promotion, compensation, and all other personnel decisions are made and administered without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identify, gender expression, veteran’s status, age, mental or physical disability, genetic information or any other protected class.
Boston Scientific maintains a prohibited substance free workplace. Pursuant to Va. Code § 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.
Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.
#LI-Remote
Nearest Major Market: Minneapolis
Job Segment:
Medical Device, Medical Device Engineer, Compliance, R&D Engineer, Testing, Healthcare, Engineering, Legal, Technology