Engineer I, Global Product Cybersecurity Job

Additional Locations:

Purpose and Passion Comprehensive Benefits Life-Work Integration Community Career Growth

At Boston Scientific, you will find a collaborative culture driven by a passion for innovation that keeps us connected on the most essential level. With determination, imagination and a deep caring for human life, we're solving some of the most important healthcare industry challenges. Together, we're one global team committed to making a difference in people's lives around the world. This is a place where you can find a career with meaningful purposeimproving lives through your life's work.

About the role:

Boston Scientific is seeking a cybersecurity engineer—Product Cybersecurity whose primary responsibility is to operationalize and support post-market cybersecurity activities, including understanding and documenting the security posture of the company’s products, applications and supporting infrastructure as well as compliance to the Quality systems and processes. The cybersecurity engineer will assist in implementing the department’s global product cybersecurity plan.

The candidate must have a combination of strong communication and technical skills in order to implement and support the functional and technical aspects of the cybersecurity plan and work collaboratively with a team of internal staff and consultants to execute its components.

This role is part of the Global Research and Development organization, reporting directly to the Sr. Manager of Product Cybersecurity. He/she will work alongside a team of analysts, IT/R&D engineers and architects, supporting pre and post market product security activities; such as application security, vulnerability assessments, penetration testing, security analysis tools, hospital cybersecurity inquiries and contract reviews, among other areas.

Your responsibilities include:

• Support and manage applicable tools for pre and post market security testing; support integration of the tools into the quality process.
• Manage and coordinate training for tools used for threat intelligence, application security, device/host vulnerability assessments, 3rd party risk reviews.
• Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
• Create and maintain the product inventory list with all technical controls and exceptions, in coordination with Divisional Product Teams.
• Monitor for change in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders.
• Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
• Support security risk assessment and threat modelling services for global products businesses and product development life cycle.
• Support application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.

Additional Requirements

• Must be able to learn technical aspects of Boston Scientific’s products and related customer needs, and also influence "change of ways."
• Foster a diverse workplace that enables all participants to contribute to their full potential in pursuit of organizational objectives.
• May lead and control the activities in one or more functional areas, divisions, product groups, projects/programs and/or operations.
• Monitor and ensure compliance with company policies and procedures (e.g. federal/country and regulatory requirements).

What we're looking for:

• Bachelor’s degree or higher
• 3+ years in Research & Development and/or Information Technology experience, preferably in Cyber Security roles.
• Drive for learning security and a passion for securing products.
• Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
• Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android)
• General understanding of cybersecurity techniques and methodologies such as threat modeling, vulnerability assessments, and security testing tools.
• Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus.

About us

As a global medical technology leader for more than 35 years, our mission at Boston Scientific (NYSE: BSX) is to transform lives through innovative medical solutions that improve the health of patients. If you're looking to truly make a difference to people both around the world and around the corner, there's no better place to make it happen.

Requisition ID:472785