Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

Boston Scientific Lead Engineer DQA Cyber Security 
India, Maharashtra, Pune 
978140601

28.06.2024

India-Maharashtra, Pune

About the role:

Our team is all about building the future of the operating room for Urologists. As the industry leader in surgical kidney stone treatment, we are on a mission to empower physicians to treat more cases, more efficiently, with better outcomes; To help patients in need get back to their daily lives. As a Cybersecurity DQA Engineer, you’ll be at the heart of that mission to develop best-in-class products to bring advanced, safe innovations to the clinic. You will also be supporting the effort to establish and maintainmedical electrical systems

Your responsibilities include:

  • Boston Scientific Quality System (21 CFR 820/ ISO13485) for the Medical Device Software process, EN 62304. Examples of what this includes are:
  • Meet Boston Scientific and applicable Standards, based on risk controls identified.
  • Review of requirements vs risks to define where the appropriate level of risk control lies.
  • Collaborate, understand, and perform gap analysis on emerging standards related to cybersecurity.
  • Identify risk-based requirements within the Boston Scientific Quality System for Cyber Security Risk Assessment and relevant processes, including Threat Modeling, Security Architecture, and network diagrams/Data Flow Diagrams. Examples of what this includes are:
  • Review existing code and third-party software against the vulnerabilities data base(s)
  • Partnering with Software Engineers to determine applicability of findings.
  • Support / own the development of Threat Models and/or Data flow Diagrams.
  • Support DQA project teams by working with Product Development Engineers (embedded within R&D) to create / review Hardware/Software systems including Cyber security and identify possible failure modes/risk control opportunities for these complex systems (FDA/EUMDR-Regulated Class II Medical Device environments (including interconnected and cloud-based software systems). Examples of what this includes are:
  • Review of SW/HW sub-systems (PCBA’s, FPGAs, with and without Firmware, etc.) and identify risk control measures.
  • Review of part schematics for identification or risk control measures
  • Recommend updates to design prints or added tests as a result or risks identified.
  • Coordinate with up to three Engineers to sustain legacy cybersecurity efforts for existing products.
  • Participate in the creation and maintain risk management and usability documentation such as, Hazard Analysis, Design Failure Mode and Effects Analysis (DFMEA), Task Analysis and Fault Tree Analysis (FTA) incorporating both IEC 62304 and Cybersecurity principles.
  • Create and/or review Software and Cybersecurity documentation (Software Development Plan, Detailed Design, etc. and Threat Modeling / Security Risk Analysis / network diagrams)
  • Represent Urology DQA at Communities of Practice (COP’s) to develop global best practices
  • Create/Edit/Revise applicable cybersecurity WI’s and KSD’s, influence the global process to drive change.
  • Own/review NCEP’s/CAPA’s when necessary.
  • Apply sound, systematic problem-solving methodologies in identifying, prioritizing, communicating, and resolving quality issues
  • Support diversity and inclusion of initiatives within the divisions and organization.

Minimum Qualifications:

  • 6-9 years’ experience with software and/or cyber security within software systems, embedded medical device software or software as a medical device.
  • Bachelor’s degree in electrical engineering, computer science, software engineering, or a related field
  • Competent with use of Microsoft Office Suite, Minitab Statistical Analysis software (or equivalent) and electrical testing/simulation software.
  • Travel approximately 10-15% of the time as Covidpermits.
  • Strong communication and presentation skills
  • Regulated Industry Experience preferred, but not required.