Share this Job

Senior Software Engineer - (Security & Sustaining) Job

Apply now »
Apply now

Apply for Job

Date: Sep 30, 2021

Location: Maple Grove, MN, US, 55311

Company: Boston Scientific

Additional Locations:


Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - Caring - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.

Join a fast-growing and talented team, as we invest in a best-in-class software product using best-in-class software practices.  This is one of 15 new roles on this team in 2021 alone.  Boston Scientific is seeking a highly motivated R&D software engineer. The successful candidate will participate in the design and development of medical devices.  Be a part of Boston Scientific's Coronary Therapies R&D team to develop innovative products that sustain and improve the lives of patients around the world.  You will use your technical and collaboration skills alongside your passion for innovation and continuous improvement to drive growth through efficient and effective development of new products.


Core Responsibilities

  • Monitor third party software components and threat sources for vulnerabilities throughout a post-market device's operational lifecycle.
  • Perform periodic/routine post-market vulnerability assessments by assessing the impact/severity and exploitability of vulnerabilities in conformance to Boston Scientific's global quality system.
  • Complete post-market cybersecurity investigations for high impact vulnerabilities and cybersecurity incidents that affect released products.
  • Support the integration and verification of software updates and patches that are used to remediate vulnerabilities, including those related to off-the-shelf software. Perform design validation and patch management for cybersecurity mitigations and vulnerability fixes.
  • Support periodic post-market cybersecurity penetration tests.
  • Perform quarterly vulnerability monitoring analysis, reviews and reporting.
  • Maintain and update threat models, MDS2, and SBOM for released products.


Additional Responsibilities

  • Create security bulletins for high profile or high impact vulnerabilities in released products. Create release notes and field service/customer support notes for cybersecurity enhancements and patches.
  • Provide cybersecurity-focused inputs and reviews for post-market surveillance reports.
  • Support cybersecurity-focused reporting activities required per 21 CFR part 806 (Corrections and Removals).
  • Support pre-market Healthcare Delivery Organizations' (HDO) information security questionnaires and negotiations.
  • Contribute to CI/CD pipeline activities to generate vulnerability static and dynamic analysis tool reports.

Minimum Qualifications:

  • 5+ Years of relevant work experience with BS 
  • 3+ Years of relevant work experience with MS
  • Experience developing applications on a Windows platform in C++/C#.


Preferred Qualifications:

  • Degree in Computer Science, Computer Engineering or related field
  • Hands-on experience in automated patch testing/validation and test optimization.
  • Hands-on experience in installing, configuring and troubleshooting Windows-based environments. Experience in secure design and secure coding on Windows platforms.
  • Experience in the application of risk management for IT Networks incorporating medical devices or other cyber-physical systems, the National Vulnerability Database (NVD), Common Vulnerability Scoring System (CVSS), and Common Vulnerabilities and Exposures (CVE). Experience using Common Weakness Enumeration (CWE), Common Configuration Enumeration (CCE) and Common Platform Enumeration (CPE) is a plus.
  • Experience in threat modeling or security risk analysis is a plus.
  • Experience in penetration testing or hands-on assessment of vulnerability exploitability is a plus.


Requisition ID: 502287


As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.


So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!


At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer.


Boston Scientific maintains a drug-free workplace. Pursuant to Va. Code § 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.


Nearest Major Market: Minneapolis

Job Segment: Developer, Medical, Engineer, Software Engineer, Risk Management, Technology, Healthcare, Engineering, Finance