Embedded Product Security Engineer II- Medical Device (Remote)

Date: Jan 12, 2023

Location: Waltham, MA, US, 02453

Company: Arthrex

 RequisitionID:          55802
Title: Embedded Product Security Engineer II- Medical Device (Remote)
Division: Arthrex, Inc. (US01)
Location: Remote
Salary Range:
Salary Minimum: $85,000.00
Salary Maximum $138,000.00

Seeking Pentesters and Cybersecurity Experts who want a career that positively impacts patient health, safety, and privacy!

Arthrex is a global medical device manufacturer and our mission is Helping Surgeons Treat Their Patients Better™.  The right candidate for this role will have some experience securing and pen-testing embedded or IoT devices along with a background in electrical engineering or software system design.

As our Embedded Product Security Engineer II, your day-to-day would be assisting our product design and development teams in securing connected and IoT medical devices.  You would take part in architecture reviews, grooming product security requirements, testing for vulnerabilities, and documenting the steps of our Secure Product Development Framework for use in regulatory submissions around the globe.

You will have the opportunity to attend training for security certifications and go to events like H-ISAC Conferences, DEF CON, and Black Hat.  And of course, you would get to help secure cutting-edge technology that has a positive impact in society!

We are open to this role sitting in our office in Boston or Work from home remote.


Essential Duties and Responsibilities:

  • Provide feedback to development teams for the secure design of electronic medical devices.
  • Conduct security testing and analysis on devices to find vulnerabilities.
  • Champion security findings by ensuring they are reproducible, documented, prioritized, and addressed.
  • Help to ensure standards are met during the design, development, and maintenance of a medical device using a Secure Product Development Framework.
  • Support teams in a fast-paced Agile/Scrum environment.
  • You will monitor global regulatory changes and emerging technologies related to Medical Device Software.
  • You will provide consultative guidance, as necessary, with new product development and be a point of contact with teams during the implementation or updates of security controls, configurations or software features.
  • You will prepare, publish, and train internal resources on key technologies, technical security requirements, and risks.
  • You will guide software technology and architecture documentation related to Product Security (Software requirements specifications, Architecture and Data Flow Diagrams, Risk mitigation traceability).

Education and Experience:

  • 2 + years of relevant work experience required
  • Bachelor’s degree required preferably in Engineering (Mechanical, Biomedical, Electrical or Software Engineering) or Computer Science

Preferred Qualifications:

  • Excellent communication skills and customer service oriented.
  • Knowledgeable of System and Software Development Processes and Lifecycles required (Agile SDLC).
  • Knowledgeable of application security best practices required.
  • Experience in embedded system development, IoT lifecycle, real-time operating systems, firmware, RFID, CANbus, WiFi, or Bluetooth LE preferred.
  • Experience in web application security and controls concepts preferred (OWASP).
  • Knowledge of ISO/IEC, NIST, EU MDR/MDCG, and FDA standards and requirements a plus.
  • Experience with GDPR, PIPEDA, CCPA and other global privacy regulations a plus
  • Experience with risk management methodologies, threat modeling, and vulnerability ranking a plus.
  • Cybersecurity related certifications a plus (OSCP, OSWE, CSSLP, CISSP, Security+).
  • Cybersecurity related coursework, papers, or presentations a plus.

Arthrex 2023 Benefits

  • Medical, Dental and Vision Insurance
  • Company-Provided Life Insurance
  • Voluntary Life Insurance
  • Flexible Spending Account (FSA)
  • Supplemental Insurance Plans (Accident, Cancer, Hospital, Critical Illness)
  • Matching 401(k) Retirement Plan
  • Annual Bonus
  • Wellness Incentive Program
  • Gym Reimbursement Program
  • Tuition Reimbursement Program
  • Trip of a Lifetime
  • Paid Parental Leave
  • Paid Time Off
  • Volunteer PTO
  • Employee Assistance Provider (EAP)



All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Nearest Major Market: Waltham
Nearest Secondary Market: Boston

Job Segment: Biomedical Engineering, Embedded, Test Engineer, Testing, Medical Device, Engineering, Technology, Healthcare