Senior Product Cybersecurity Engineer (Hybrid Boston)

๐ŸŒ Remote, USA ๐ŸŽฏ Full-time ๐Ÿ• Posted Recently

Job Description

We are constantly looking to add to our core talent. If you are seeking a career that is challenging and rewarding, a work environment that is diverse and dynamic, look no further - Haemonetics is your employer of choice.

Job Details

Secure the next generation of medical and cloud-connected healthcare products

At Haemonetics, we design technologies that directly impact patient safety and clinical outcomes. We are seeking a Senior Product Security Engineer who will play a critical role in embedding security throughout the lifecycle of our medical devices and cloud-based healthcare solutions.

In this role, you will collaborate closely with software, embedded, cloud, quality, and regulatory teams to ensure that security is built into every stage - from concept and development to release, monitoring, and post-market operations. You will influence secure design decisions, strengthen our DevSecOps practices, and help maintain the safety and regulatory integrity expected in the healthcare environment.

What You Will Do

You will serve as a core partner across product engineering, embedding security into medical device and SaMD development while strengthening our cloud, DevSecOps, and vulnerability management practices.

Secure Product Development & SaMD Security

    You will help product teams build secure systems from the ground up by:
  • Integrating security into the SDLC through secure design reviews, threat modeling, and requirements definition.
  • Performing architecture and threat-modeling reviews for device firmware, cloud services and APIs, and the mobile/web applications that support our devices.
  • Defining and validating controls for authentication, authorization, encryption, and data protection.
  • Working with Quality and Regulatory teams to ensure cybersecurity requirements are traceable, documented, and audit-ready.
    • Cloud & Backend Product Security (AWS)
    You will secure the AWS-based backends that power our medical and SaMD platforms by:
  • Designing and reviewing secure cloud architectures using AWS services.
  • Implementing product-focused logging, monitoring, and threat-detection capabilities.

DevSecOps & Supply Chain Security

    You will enhance product resilience and build confidence in our supply chain by:
  • Integrating security tooling into CI/CD pipelines (SAST, DAST, dependency and container scanning, secrets detection).
  • Establishing SBOM practices and governing third-party components.
  • Defining secure standards for container images, including hardening, scanning, and signing.
  • Supporting secure build processes, artifact signing, and release integrity.

Vulnerability Management & Post-Market Cybersecurity

    You will help products remain secure after launch by:
  • Supporting vulnerability intake, triage, prioritization, and remediation across device software and cloud environments.
  • Contributing to coordinated disclosure, advisories, and post-market cybersecurity requirements.
  • Working with incident response to investigate and contain product-related security events.

Technical Leadership

    You will be a trusted advisor and mentor by:
  • Serving as the product security subject matter expert for engineering teams.
  • Guiding secure design decisions and establishing practical, usable security patterns.
  • Driving continuous improvement in product security maturity.

Who You Are

    You are a hands-on security engineer with strong product and application security experience, and you are comfortable working across embedded, cloud, and software systems in regulated healthcare environments. You bring:
  • 7+ years of cybersecurity engineering experience with a focus on product/application security.
  • Direct experience securing medical devices, connected devices, or SaMD in regulated settings.
  • Strong understanding of secure SDLC, DevSecOps, threat modeling, OWASP Top 10, and API security risks.
  • Hands-on experience with AWS cloud security for product backends.
  • Familiarity with frameworks like NIST CSF, NIST 800-53, and ISO 27001.
  • The ability to collaborate effectively with Engineering, Quality, Regulatory, and Product teams.

Preferred experience:
Knowledge of IEC 62304, ISO 14971, ISO 13485, FDA cybersecurity guidance, UL 2900, AAMI TIR57/TIR97, EU MDR, and IEC 81001-5-1; exposure to CSPM, CIEM, or cloud workload protection tools.

    Certifications:
  • CISSP, CISM, Security+, CySA+, or GIAC (GSEC, GWAPT, GPEN).
  • Strongly preferred: AWS Certified Security - Specialty, CCSP.

You are also comfortable with tools such as AWS IAM/VPC/ECS/Lambda/S3/RDS/KMS/CloudTrail/GuardDuty, Veracode SAST/DAST and SBOM tooling, AWS CI/CD pipelines, and Terraform.

What Success Looks Like

    Success in this role means security becomes a natural, expected part of how we design and ship products - not a late-stage hurdle. You help ensure that:
  • Products are architected with strong security foundations from day one.
  • Our cloud and device platforms are secure, observable, and resilient.
  • Vulnerabilities are handled quickly with clear processes and effective remediation.
  • Post-market cybersecurity meets the expectations of regulators, clinicians, and customers.
  • Engineering teams grow stronger through your mentorship and security leadership.

EEO Policy Statement

Pay Transparency:

The base pay actually offered to the successful candidate will take into account, without limitation, the candidate's location, education, job-knowledge, skills, and experience in prior relevant roles. Incentives may also be provided as part of Haemonetics' employee compensation. For sales roles, employees will be eligible for sales incentive (i.e., commission) under the applicable plan terms. For non-sales roles, employees will be eligible for a discretionary annual bonus, the target amount of which varies based on the applicable role, to be governed by the applicable plan terms. Employees may also be eligible to participate in the Company's long-term incentive plan, with eligibility and target amount dependent on the role.

In addition to compensation, the Company offers a competitive suite of benefits to its employees, including without limitation, a 401(k) with up to a 6% employer match and no vesting period, an employee stock purchase plan, "flexible time off" for salaried employees and, for hourly employees, accrual of three to five weeks' vacation annually (based on tenure), accrual of up to 64 hours (annually) of paid sick time, paid and/or floating holidays, parental leave, short- and long-term disability insurance, tuition reimbursement, and/or health and welfare benefits.

Depending on your location, you may be eligible for more detailed information related to the compensation and benefits related to this job posting. If you believe you may be entitled to such information by law, you may contact 1-781-348-7777, Monday through Friday, 7:30 a.m. - 5 p.m. ET or email [email protected].

The base salary range for this role is:

$87,892.99-$149,656.58/Annual

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!

๐Ÿš€ Apply Now

Similar Jobs

Recent Jobs

You May Also Like