Boston Scientific Senior Manager Cybersecurity 

United States, Minnesota 

101927591

Your responsibilities will include

• Lead the product cybersecurity strategy for the division, aligning with corporate policies, regulatory guidance, and emerging threats in the medical device space.
• Build and manage a high-performing cybersecurity engineering team, providing technical guidance, coaching, and professional development.
• Drive integration of security architecture and risk-based design principles into all phases of the product development lifecycle, from concept to post-market surveillance.
• Own and continuously improve division-wide processes for threat modeling, security risk assessments, secure coding practices, and vulnerability management.
• Represent cybersecurity in senior-level technical and business discussions, including regulatory submissions, due diligence activities, and incident response management.
• Regularly brief executive leadership on the cybersecurity landscape, including regulatory and legal developments, customer security expectations, emerging threats and the security posture of the Interventional Cardiology product portfolio, including associated risks and mitigation strategies.
• Collaborate across engineering, software, systems, IT, Quality, Regulatory, and Clinical teams to ensure end-to-end security design and implementation.
• Establish and enforce governance processes for incident response planning, penetration testing, patch management, and third-party cybersecurity assurance.
• Proactively monitor the evolving regulatory landscape (FDA, EU MDR, GDPR, etc.) to guide the organization in maintaining compliance and best-in-class security posture.
• Champion a culture of security-first thinking through training, internal advocacy, and cross-functional engagement.

Required qualifications

• Bachelor’s or master’s degree in Cybersecurity, Computer Science, Engineering, or related technical field.
• 10+ years of experience in cybersecurity, including at least 5 years in a leadership or management role overseeing technical teams and cross-functional cybersecurity initiatives.
• Demonstrated success in building, leading, and scaling cybersecurity teams and programs in regulated environments.
• Strong communication and executive presence, with proven ability to influence technical and non-technical stakeholders at all levels.
• Experience with secure product development, embedded systems, network security, and post-market cybersecurity monitoring.
• Ability to translate complex security concepts into actionable strategies aligned with business and product goals.

Preferred qualifications:

• Experience working in or with medical device companies or other regulated industries (e.g., pharma, aerospace, defense).
• Relevant cybersecurity certifications (e.g., CISSP, CISM, CRISC, GIAC, OffSec).
• Deep knowledge of security architecture, risk assessment methodologies, and regulatory standards such as IEC 62443, ISO 14971, NIST CSF, FDA cybersecurity guidance, and HIPAA/GDPR.
• Familiarity with standards and guidance such as IEC 62304, ISO/IEC 27001, VA Handbook 6500, and SW96/TIR57/TIR97.
• Understanding of PKI, wireless security, penetration testing methodologies, and emerging threat landscapes.
• Experience in cybersecurity aspects of M&A due diligence and integration planning is a strong plus.

Compensation fornon-exempt (hourly), non-sales rolesmay also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

Compensation forexempt, non-sales rolesmay also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).

For MA positions:It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.