Lead Product Security Engineer- R&D Cytology
Company: HK Recruiting
Location: San Diego
Posted on: February 17, 2026
|
|
|
Job Description:
Job Description Job Description JOB DESCRIPTION Discover a
career with real meaning. One that offers the opportunity to
showcase your talents, achieve measurable success and gain immense
satisfaction by enabling healthier lives everywhere, every day. Our
Software Engineering (R&D) department in our Diagnostics
division is looking for a Security Engineer experienced in medical
device and/or instruments security and systems to join our team,
pivotal in building and enhancing security in our products and
services! As a Lead Product Security Engineer and the SME for our
Cytology R&D team, you will be the key cybersecurity
representative ensuring that our products are meeting industry
standards and FDA requirements throughout the product lifecycle,
including post-market. This is a hybrid role based out of either
Marlborough, MA, or San Diego, CA. RESPONSIBILITIES Maintain
vigilance on industry security threats, assess risks to Client's
products, and manage these risks according to established quality
procedures. Participate in continuous improvement of our Secure by
Design principles and implementation, ensuring adherence to
security standards and best practices. Support the creation and
maintenance of security design documentation and architecture
diagrams. Collaborate with cross-functional teams (Product
Engineering, DevSecOps, Regulatory, Quality) to integrate security
into the product lifecycle. Define security requirements and
controls based on specific use cases and threat models. Perform
regular risk analyses to evaluate security threats and
vulnerabilities, prioritizing uncontrolled risks with potential
impacts on patient safety. Perform Security Risk Management
activities to address identified vulnerabilities and security
design issues, including regular review and assessment of risk
against CVEs. Establish automated processes for vulnerability
scanning and remediation Educate the development and leadership
teams on securing products, remote connectivity solutions, and
their operating environments. Work with cross-functional teams to
ensure that SBOMs are correct and can be used as part of our
continuous vulnerability monitoring process Design architecture
that prioritizes efficient, secure software updates and patch
management across deployed systems. Establish incident playbooks
and coordinate root cause analysis (RCA) for reported security
incidents. Work with DevSecOps and Software Engineers to review
code static analysis and third-party software assessment reports.
Collaborate with Program Management and Regulatory teams to provide
security input for audits and FDA submissions. Maintain current
knowledge of FDA and other regulatory body's cybersecurity guidance
and standards, such as ISO, IEC, NIST, AAMI, CSLI, UL, BSI, HIPAA,
GDPR, State and Federal security standards, and ACTS for premarket
and post-market activities. Assist in translating cybersecurity
requirements into product requirements for new and existing product
designs, as well as assisting with the definition of verifications
for traceability. Assist with efforts to establish penetration
testing suites for continuous testing and monitoring of our product
solution. QUALIFICATIONS Bachelor's or Master's degree in Computer
Science, Cybersecurity, or related engineering equivalent. Minimum
of 8 - 12 years of professional experience in product
security/cybersecurity engineering Demonstrated competency in
Cybersecurity education and training through certifications (e.g.,
CISSP , CompTIA Security, etc.) Strong interpersonal skills, with
the ability to communicate cybersecurity concepts to a variety of
audiences. Skilled in working within cross-functional groups.
Skilled in performing Risk Assessment and Management plan Skilled
in writing design documentation and standard operating procedures.
Experience working in an FDA regulated environment is required.
Thorough familiarity with FDA and other regulatory body
Cybersecurity Guidelines and cybersecurity standards such as NIST,
AAMI, CSLI, UL, BSI, HIPAA, GDPR, State and Federal security
standards, and ACTS for premarket and post-market activities
(Preferred, but flexible). Strong verbal & written communication
skills. Familiarity with Windows OS and cloud-based solutions is
required Expertise with security frameworks and testing tools, and
how to incorporate the results of those into cybersecurity
requirements for the Product Development team. Proficiency in
scripting and simple test automation (e.g., PowerShell,
Python).
Keywords: HK Recruiting, San Clemente , Lead Product Security Engineer- R&D Cytology, IT / Software / Systems , San Diego, California
