Cyber Security Engineer II

About the Role

We are looking for a Cybersecurity Engineer II to drive the integration of cybersecurity practices across the product lifecycle for medical device software and connected systems.

In this role, you will act as a trusted security partner to engineering teams, ensuring that cybersecurity is proactively embedded into design, development, and release processes. You will play a critical role in identifying and mitigating security risks while supporting compliance with global medical device regulations and standards.

This position will collaborate closely with R&D, Quality Assurance, Regulatory Affairs, and Product Management teams as part of the Software R&D organization.

In this role, you will have the opportunity to:

• Drive adoption of Secure Development Lifecycle (SDL / SSDLC) practices across the organization through education, collaboration, and development of cybersecurity processes aligned with quality standards
• Partner with engineering teams to integrate security requirements into product design and development, and perform security reviews of system architectures, design artifacts, and application code.
• Support compliance with medical device cybersecurity standards and regulations (e.g., FDA, IEC 62304, ISO 14971, IEC 81001-5-1) and collaborate with cross-functional stakeholders (R&D, QA, Regulatory, Product Management)
• Provide cybersecurity expertise to product teams, including vulnerability triage, prioritization and suggest remediation strategies.
• Support the organization’s cybersecurity initiatives through the implementation of tools and the development of standard processes

The essential requirements of the job include:

• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related field, with minimum 4 years of experience in product cybersecurity, medical device security, or a related domain.
• Proven experience in Threat modeling using methodologies such as STRIDE, attack trees, or similar frameworks to identify security risks, define security controls, and recommend mitigation strategies.
• Experience in penetration testing of IoT devices and applications, leveraging both automated tools (e.g., Metasploit, Nmap, Nessus) and manual testing techniques.
• Working experience with one or more security testing tools across SAST (e.g., Veracode, SonarQube or equivalent), SCA (e.g., Black Duck, WhiteSource or equivalent), and DAST (e.g., Netsparker, AppScan or equivalent).
• Provide cybersecurity expertise to product teams, including vulnerability triage, prioritization (e.g., CVSS), and suggest remediation strategies

What sets you apart

• Strong communication and presentation skills, with the ability to translate complex cybersecurity concepts for both technical and non-technical audiences
• Operational mindset with strong attention to detail, quality, and the ability to manage multiple concurrent priorities effectively
• Proactive ownership and drive to lead security improvements across the product lifecycle

It would be a plus if you also possess:

• CEH or equivalent cybersecurity certifications
• Knowledge on CIS or STIG hardening standards and CVSS scoring system.
• Basic programming knowledge (preferred but not mandatory)

More Details : Danaher
More Jobs : TJN Careers