Boston Scientific Principal Cybersecurity Engineer 

United States, Minnesota, Arden Hills 

333108731

Your responsibilities will include:

• Support and manage applicable tools for pre and post market security testing; support integration of the tools into the quality processes.
• Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks.
• Monitor for change in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders.
• Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
• Support, as needed, security risk assessment and threat modelling services for Urology products businesses and product development life cycle.
• Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.

Additional Requirements:

• Must be able to learn technical aspects of Boston Scientific’s products and related customer needs, and also influence "change of ways."
• Foster a diverse workplace that enables all participants to contribute to their full potential in pursuit of organizational objectives.
• May lead and control the activities in one or more functional areas, divisions, product groups, projects/programs and/or operations.
• Monitor and ensure compliance with company policies and procedures (e.g. federal/country and regulatory requirements).

Required Qualifications:

• Bachelor’s degree or higher
• 10+ years in Research & Development and/or Information Technology experience, or similar preferably in cybersecurity roles in medical device development or health care organizations.
• Drive for learning cybersecurity and a passion for securing products.
• Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
• Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android).
• General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards.

Preferred Qualifications:

• Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus.

Among other requirements, Boston Scientific maintains specific prohibited substance testing requirements for safety-sensitive positions. This role is deemed safety-sensitive and, as such, candidates will be subject to a drug test as a pre-employment requirement. The goal of the drug testing is to increase workplace safety in compliance with the applicable law.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status. Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment. Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements. As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.