Senior Manager, Cybersecurity

Additional Location(s): US-MA-Marlborough

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.       

About the role:

Boston Scientific is seeking a Senior Manager of Cybersecurity Engineering to lead and advance our cybersecurity initiatives across the Interventional Cardiology division. This leader will set a strategic direction for product security and oversee execution of secure design practices, vulnerability management, regulatory alignment, and cross-functional collaboration. The role will involve driving cybersecurity maturity across the product lifecycle and interfacing with R&D, Regulatory, Quality, IT, and executive stakeholders to ensure patient safety, product integrity, and regulatory compliance.

This is a high-impact leadership position, ideal for an experienced cybersecurity professional with a strong track record in regulated industries, capable of building high-performing teams and translating cybersecurity objectives into tangible product and business outcomes.

Work Mode:

At Boston Scientific, we value collaboration and synergy. This role follows a hybrid work model, requiring employees to be in our Maple Grove, MN (or) Marlborough, MA office at least three days per week.

Your responsibilities will include

• Lead the product cybersecurity strategy for the division, aligning with corporate policies, regulatory guidance, and emerging threats in the medical device space.
• Build and manage a high-performing cybersecurity engineering team, providing technical guidance, coaching, and professional development.
• Drive integration of security architecture and risk-based design principles into all phases of the product development lifecycle, from concept to post-market surveillance.
• Own and continuously improve division-wide processes for threat modeling, security risk assessments, secure coding practices, and vulnerability management.
• Represent cybersecurity in senior-level technical and business discussions, including regulatory submissions, due diligence activities, and incident response management.
• Regularly brief executive leadership on the cybersecurity landscape, including regulatory and legal developments, customer security expectations, emerging threats and the security posture of the Interventional Cardiology product portfolio, including associated risks and mitigation strategies.
• Collaborate across engineering, software, systems, IT, Quality, Regulatory, and Clinical teams to ensure end-to-end security design and implementation.
• Establish and enforce governance processes for incident response planning, penetration testing, patch management, and third-party cybersecurity assurance.
• Proactively monitor the evolving regulatory landscape (FDA, EU MDR, GDPR, etc.) to guide the organization in maintaining compliance and best-in-class security posture.
• Champion a culture of security-first thinking through training, internal advocacy, and cross-functional engagement.

Required qualifications

• Bachelor’s or master’s degree in Cybersecurity, Computer Science, Engineering, or related technical field.
• 10+ years of experience in cybersecurity, including at least 5 years in a leadership or management role overseeing technical teams and cross-functional cybersecurity initiatives.
• Demonstrated success in building, leading, and scaling cybersecurity teams and programs in regulated environments.
• Strong communication and executive presence, with proven ability to influence technical and non-technical stakeholders at all levels.
• Experience with secure product development, embedded systems, network security, and post-market cybersecurity monitoring.
• Ability to translate complex security concepts into actionable strategies aligned with business and product goals.

Preferred qualifications:

• Experience working in or with medical device companies or other regulated industries (e.g., pharma, aerospace, defense).
• Relevant cybersecurity certifications (e.g., CISSP, CISM, CRISC, GIAC, OffSec).
• Deep knowledge of security architecture, risk assessment methodologies, and regulatory standards such as IEC 62443, ISO 14971, NIST CSF, FDA cybersecurity guidance, and HIPAA/GDPR.
• Familiarity with standards and guidance such as IEC 62304, ISO/IEC 27001, VA Handbook 6500, and SW96/TIR57/TIR97.
• Understanding of PKI, wireless security, penetration testing methodologies, and emerging threat landscapes.
• Experience in cybersecurity aspects of M&A due diligence and integration planning is a strong plus.

Requisition ID: 606958

Minimum Salary: $122100 

Maximum Salary: $232000 

The anticipated compensation listed above and the value of core and optional employee benefits offered by Boston Scientific (BSC) – see www.bscbenefitsconnect.com--will vary based on actual location of the position and other pertinent factors considered in determining actual compensation for the role. Compensation will be commensurate with demonstrable level of experience and training, pertinent education including licensure and certifications, among other relevant business or organizational needs. At BSC, it is not typical for an individual to be hired near the bottom or top of the anticipated salary range listed above.

Compensation for non-exempt (hourly), non-sales roles may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

Compensation for exempt, non-sales roles may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).

For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!

At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. 

Boston Scientific Corporation has been and will continue to be an equal opportunity employer. To ensure full implementation of its equal employment policy, the Company will continue to take steps to assure that recruitment, hiring, assignment, promotion, compensation, and all other personnel decisions are made and administered without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identify, gender expression, veteran status, age, mental or physical disability, genetic information or any other protected class.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status.  Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment.  Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements.   As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.