Senior Product Security Engineer (Medical Devices)

Trident Consulting is seeking a " Product Security Engineer (Medical Devices) " for one of our clients in " Burlington, MA (Hybrid) ". A leading organization services

Senior Product Security Engineer (Medical Devices)

Location: Burlington, MA (Hybrid)

Type: Full-Time / Direct Hire

About the Role

- We are seeking a Senior Product Security Engineer to join our team in Burlington, MA. This is a highly technical, hands-on role focused on securing embedded medical devices across the full product lifecycle.

- You will play a key role in designing and implementing security architecture, working closely with firmware, software, and systems engineering teams to ensure products are secure by design and aligned with regulatory expectations.

- This position sits within the broader GRC organization but operates as a deeply technical product security function, bridging engineering, security, and compliance.

Key Responsibilities

- Security Architecture & Design

- Design and define security architecture for embedded and connected medical devices

- Lead secure-by-design initiatives, including threat modeling and risk mitigation

- Develop and review security solutions for authentication, encryption, secure communications, and data protection

- Partner with engineering teams to embed security into the product lifecycle

- Product & Embedded Security

- Work closely with firmware and software teams to improve security of device components and interfaces

- Support OS and platform hardening (Windows/Linux-based systems)

- Ensure secure update mechanisms, integrity validation, and secure configurations

- Penetration Testing & Validation

- Manage and coordinate third-party penetration testing engagements

- Define testing scope, review findings, and drive remediation efforts

- Ensure security validation throughout design, development, and pre-market stages

- Vulnerability Management

- Lead identification, tracking, and remediation of vulnerabilities across products

- Coordinate cross-functional response to security issues and disclosures

- Monitor third-party component risks and dependencies

- Process & SOP Development

- Develop and implement security processes, standards, and SOPs

- Help mature the organization s product security program

- Ensure alignment with regulatory and internal security expectations

Required Qualifications

- 7+ years of experience in cybersecurity, product security, or software engineering

- Strong experience in medical device security (REQUIRED)

- Proven background in security architecture and secure design for embedded or connected systems

- Experience working with cross-functional engineering teams (firmware, software, systems)

- Hands-on involvement in threat modeling, vulnerability management, and security testing

- Experience managing or working with third-party penetration testing vendors

Preferred Qualifications

- Experience in regulated environments (FDA, healthcare, or similar)

- Knowledge of standards such as ISO 14971, IEC 81001-5-1, NIST, or similar frameworks

- Background in embedded systems, IoT, or device-level security

- Experience building or improving security processes and SOPs

What Makes This Role Unique

- High-impact role shaping security architecture for real-world medical devices

- Opportunity to work at the intersection of engineering, security, and regulatory compliance

- Direct influence on product security strategy and implementation

- Collaborative, cross-functional environment with strong engineering partnership

Work Environment

- Hybrid role based in Burlington, MA

- Direct hire position with long-term growth potential