Product Cybersecurity Engineer Fellow

Additional Location(s):  N/A

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.           

 

About the Role:
Boston Scientific is seeking a Product Cybersecurity Engineer Fellow. In this role, the candidate will serve as a strategic leader and subject matter expert, driving the design, implementation, and governance of robust cybersecurity frameworks to ensure the safety, reliability, and compliance of medical devices, including both capital equipment and active implantable products. The candidate will be responsible for operationalizing and supporting various cybersecurity activities, including understanding and documenting the security posture of the company’s products and applications, implementing cybersecurity plans, supporting infrastructure, and ensuring compliance with quality systems and processes.

 

The candidate must possess a combination of strong communication and technical skills to implement and support the functional and technical aspects of the cybersecurity plan. They will work collaboratively with a team of internal staff and consultants to execute its components. You will collaborate across multidisciplinary teams to address complex cybersecurity challenges in highly regulated environments and play a pivotal role in shaping the future of connected healthcare solutions.

 

This role is part of the Urology Research and Development organization. Working alongside a team of analysts, IT/R&D engineers, and architects, the Cybersecurity Engineer will support pre- and post-market product security activities such as application security, vulnerability assessments, threat modeling, penetration testing, security analysis tools, hospital cybersecurity inquiries, and contract reviews, among other areas.

 

Work Mode:
At Boston Scientific, we value collaboration and synergy. This role is remote, but candidates must reside in the Central Time Zone and work Central Time Zone hours. If the candidate lives within a commutable distance to our Maple Grove, MN, office location, they will be expected to follow a hybrid schedule of a minimum of three days onsite per week.

 

Relocation Assistance:
Relocation assistance is not available for this position at this time.

 

Visa Sponsorship:
Boston Scientific will not offer sponsorship or take over sponsorship of an employment visa for this position at this time.

 

This position will accept applications through January 20th, 2025.

Your Responsibilities Will Include:

• Define and lead the Urology product(s) cybersecurity strategy for medical devices, ensuring alignment with industry regulations and best practices.
• Provide guidance to the teams on emerging threats, evolving standards, and technology trends in the cybersecurity and healthcare ecosystem.
• Develop and oversee risk assessment methodologies, including security assessments, threat modeling, vulnerability assessments, and penetration testing.
• Ensure risk mitigation strategies are effectively implemented during the product lifecycle, from concept to post-market surveillance.
• Advocate for a “secure by design” approach to minimize risks across interconnected medical devices and healthcare IT systems.
• Provide technical leadership and support to design and implement end-to-end system security architectures, including secure boot, encryption, authentication, and intrusion detection systems.
• Support the development of software and firmware solutions with secure coding principles.
• Work closely with R&D, quality assurance, IT, and clinical teams to embed cybersecurity into the device development process.
• Mentor junior engineers and provide training on advanced cybersecurity principles.
• Act as a liaison with external stakeholders, including regulatory bodies, standards organizations, and healthcare providers.
• Support and manage applicable tools for pre- and post-market security testing; support integration of the tools into quality processes.
• Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
• Monitor changes in security controls of products, update the product inventory and tracking database as needed, and communicate with stakeholders.
• Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
• Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.
• Support regulatory submissions by providing technical documentation and justifications for cybersecurity controls.
• Learn the technical aspects of Boston Scientific’s products and related customer needs to effectively influence process improvements and drive "change of ways."
• Foster a diverse and inclusive workplace where all team members are empowered to contribute to their full potential in achieving organizational goals.
• Lead and manage activities within one or more functional areas, divisions, product groups, projects, programs, or operations to achieve strategic objectives.
• Monitor and ensure compliance with company policies, procedures, and applicable federal, country, and regulatory requirements.

 

Required Qualifications:

• Bachelor’s degree.
• 15+ years in Research & Development and/or Information Technology, systems engineering experience, or similar roles, preferably in cybersecurity for medical device development or healthcare organizations.
• Drive for learning cybersecurity and a passion for securing products.
• Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
• Experience across various OS platforms such as Windows, macOS, Linux, and Mobile (iOS, Android).
• General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards.

 

Preferred Qualifications:

• Cybersecurity certifications (e.g., Network+, Security+, CSSLP, HCISPP, CEH, CISSP).
• Demonstrated experience at a top-tier consulting firm, with a proven ability to analyze complex problems, deliver strategic insights, manage cross-functional projects, and drive impactful outcomes in a fast-paced, client-driven environment.

 

 

 

 

Requisition ID: 598651 

Minimum Salary: $ 122100 

Maximum Salary: $ 232000 

 

The anticipated compensation listed above and the value of core and optional employee benefits offered by Boston Scientific (BSC) – see www.bscbenefitsconnect.com--will vary based on actual location of the position and other pertinent factors considered in determining actual compensation for the role. Compensation will be commensurate with demonstrable level of experience and training, pertinent education including licensure and certifications, among other relevant business or organizational needs. At BSC, it is not typical for an individual to be hired near the bottom or top of the anticipated salary range listed above.

 

Compensation for non-exempt (hourly), non-sales roles may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

 

Compensation for exempt, non-sales roles may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).

 

For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.

 

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!

 

At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. 

Boston Scientific Corporation has been and will continue to be an equal opportunity employer. To ensure full implementation of its equal employment policy, the Company will continue to take steps to assure that recruitment, hiring, assignment, promotion, compensation, and all other personnel decisions are made and administered without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identify, gender expression, veteran status, age, mental or physical disability, genetic information or any other protected class.

 

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status.  Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment.  Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements.   As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.

 

Among other requirements, Boston Scientific maintains specific prohibited substance test requirements for safety-sensitive positions.  This role is deemed safety-sensitive and, as such, candidates will be subject to a prohibited substance test as a requirement.  The goal of the prohibited substance testing is to increase workplace safety in compliance with the applicable law.