Engineer II, Cyber Security

Additional Locations: India-Maharashtra, Pune

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.

Cybersecurity Design Quality Assurance (DQA) Engineer

About the role:

Boston Scientific is a world wide and diverse company who puts patients first. Through this position, the ideal candidate would use their cyber experience to support, develop, establish and maintain hardware/software within medical electrial systems (MES) for both Sustaining and New Product Development (NPD) within the Urology Division of Boston Scientific (BSC).

Our team is all about building the future of the operating room for Urologists.  As the industry leader in surgical kidney stone treatment, we are on a mission to empower physicians to treat more cases, more efficiently, with better outcomes; To help patients in need get back to their daily lives.  As a Cybersecurity DQA Engineer, you’ll be at the heart of that mission to develop best-in-class products to bring advanced, safe innovations to the clinic. You will also be supporting the effort to establish and maintain medical electrical systems (MES) products in partnership with the greatest minds in the entire medical device industry. Your contributions will directly impact patient care at a company widely regarded as being a quality leader in the medical device industry.

Your responsibilities include:

• Identify risk-based requirements within the Boston Scientific Quality System (21 CFR 820/ ISO13485) for the Medical Device Software process, EN 62304. Examples of what this includes are:

• Meet Boston Scientific and applicable Standards, based on risk controls identified
• Review of requirements vs risks to define where the appropriate level of risk control lies
• Collaborate, understand and perform gap analysis on emerging standards related to cybersecurity
• Identify risk-based requirements within the Boston Scientific Quality System for Cyber Security Risk Assessment and relevant processes, including Threat Modeling, Security Architecture and network diagrams/Data Flow Diagrams. Examples of what this includes are:
• Review existing code and third-party software against the vulnerabilities data base(s)
• Partnering with Software Engineers to determine applicability of findings
• Support / own the development of Threat Models and/or Data flow Diagrams.
• Support DQA project teams by working with Product Development Engineers (embedded within R&D) to create / review Hardware/Software systems including Cyber security and identify possible failure modes/risk control opportunities for these complex systems (FDA/EUMDR-Regulated Class II Medical Device environments (including interconnected and cloud-based software systems). Examples of what this includes are:
• Review of SW/HW sub-systems (PCBA’s, FPGAs, with and without Firmware, etc.) and identify risk control measures 
• Review of part schematics for identification or risk control measures
• Recommend updates to design prints or added tests as a result or risks identified.
• Coordinate with up to three Engineers to sustain legacy cybersecurity efforts for existing products.
• Participate in the creation and maintain risk management and usability documentation such as, Hazard Analysis, Design Failure Mode and Effects Analysis (DFMEA), Task Analysis and Fault Tree Analysis (FTA) incorporating both IEC 62304 and Cybersecurity principles. 
• Create and/or review Software and Cybersecurity documentation (Software Development Plan, Detailed Design, etc. and Threat Modeling / Security Risk Analysis / network diagrams)
• Represent Urology DQA at Communities of Practice (COP’s) to develop global best practices
• Create/Edit/Revise applicable cybersecurity WI’s and KSD’s, influence the global process to drive change.
• Own/review NCEP’s/CAPA’s when necessary.
• Apply sound, systematic problem-solving methodologies in identifying, prioritizing, communicating, and resolving quality issues
• Support diversity and inclusion of initiatives within the divisions and organization.

What we’re looking for in you:

Minimum Qualifications:

• 3-5 years’ experience with software and/or cyber security within software systems, embedded medical device software or software as a medical device.
• Bachelor’s degree in electrical engineering, computer science, software engineering, or a related field
• Competent with use of Microsoft Office Suite, Minitab Statistical Analysis software (or equivalent) and electrical testing/simulation software.
• Travel approximately 10-15% of the time as Covid permits
• Strong communication and presentation skills
• Regulated Industry Experience preferred, but not required.

Requisition ID: 575921

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!