Boston Scientific PRINCIPAL CYBER SECURITY ENGINEER 

India, Maharashtra, Pune 

429712589

India-Maharashtra, Pune; India-Haryana, Gurgaon

KEY RESPONSIBILITIES

• Responsible for leading the design, implementation, and maintenance of comprehensive security measures across all stages of medical device development, ensuring compliance with relevant regulations and standards while protecting patient data and device integrity
• Lead the design and implementation of secure architectures for new medical devices, considering connectivity, data protection, access controls, and secure communication protocols
• Conduct thorough vulnerability assessments and penetration testing on medical devices to identify potential security flaws and implement corrective actions
• Ensure compliance with relevant medical device cybersecurity regulations and standards, including documentation and reporting requirements.
• Mentor and guide junior cybersecurity engineers on best practices, security techniques, and emerging threats within the medical device domain
• Collaborate with cross-functional teams including product development, quality assurance, regulatory affairs, and clinical teams to address cybersecurity concerns

• Deep understanding of cybersecurity principles and concepts, including cryptography, network security, authentication, authorization, and data protection.
• Expertise in medical device cybersecurity standards and regulations (FDA, IEC 62304, ISO 14971, IEC 81001-5-1)
• Proven experience in threat modeling, risk assessment, and vulnerability management within the medical device context
• Strong knowledge of secure coding practices and software development methodologies
• Experience with penetration testing tools and techniques for medical devices
• Excellent communication and collaboration skills to work effectively with cross-functional teams
• Bachelor's degree in computer science, electrical engineering, or a related field
• 10+ years of experience with cybersecurity and software systems
• Advanced cybersecurity certifications (e.g., CISSP, CISA, OSCP) are highly desirable

• Requires specialized and comprehensive technical and/or functional knowledge in own job function or field and has full understanding of other related job functions
• Leverages this knowledge to recommend new and/or improved work processes, typically at an area level impacting various teams

• Applies knowledge of business and industry best practices and how own area integrates with others to achieve objectives to drive results
• Is aware of the competition and the factors that differentiate them in the market

• Acts as a resource and mentor for colleagues with less experience
• May lead projects with manageable risks and resource requirements, often broader, cross-functional projects

• Solves complex and diverse problems, takes a new perspective on existing solutions and exercises judgment based on the analysis of multiple sources of information using specialized knowledge of various alternatives and their impact on the business
• Works independently within broad guidelines and policies, receives minimal guidance

• Impacts the ongoing achievement of customer, operational, project/program or key business/organizational/service objectives and recommends improvements within area of responsibility

• Explains difficult or sensitive information to facilitate productive discussion; works to build consensus
• Regularly leads discussions and makes presentations in cross-functional meetings, effectively presenting information to explain recommendations and implications