Principal Cyber Security Engineer
MicroTransponder
full-time
Posted on:
Location Type: Remote
Location: Minnesota • United States
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Design and maintain enterprise cybersecurity architecture, including identity and access management, network security, endpoint protection, and cloud security
- Implement and operate security technologies, including SIEM, EDR, vulnerability management, DNS filtering, email security, and network segmentation
- Lead incident response, threat hunting, and security automation initiatives to improve detection, response, and recovery capabilities
- Establish and lead the product security program for medical devices across their lifecycle in collaboration with R&D, Quality, and Regulatory teams
- Conduct security risk assessments, threat modeling, and vulnerability analysis for active implantable medical devices
- Facilitate alignment with FDA premarket and postmarket cybersecurity guidance and applicable standards including IEC 81001-5-1, IEC 62443, and ISO 14971
- Support postmarket cybersecurity activities, including vulnerability assessment coordinated disclosure, and remediation planning
- Develop and maintain cybersecurity policies, procedures, and standards aligned with NIST Cybersecurity Framework, CIS Critical Security Controls, ISO 27001, and medical device regulations
- Support regulatory compliance activities related to HIPAA, FDA 21 CFR Part 11, ISO 13485, and IEC 62304
- Oversee and guide enterprise patch management practices, including vulnerability prioritization, coordination with IT operations, and validation of remediation for critical systems
- Administer and secure the company’s external web hosting environment, including configuration hardening, monitoring, penetration testing, and coordination with hosting vendors
- Conduct third-party risk assessments, support internal and external audits, and participate in Design Assurance activities including FMEA
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Electrical Engineering, or a related field from an accredited university, or equivalent practical experience
- 8+ years of progressive cybersecurity experience, with experience in medical devices or other regulated industries strongly preferred
- Professional certifications such as CISSP, CCSP, CISM, CRISC, or similar are strongly preferred
- Experience securing enterprise productivity and collaboration environments, including Microsoft 365 and Google Workspace
- Deep expertise in enterprise security architecture, identity and access management, cloud security, and security technologies such as SIEM, EDR, vulnerability management, and security driven patching
- Experience with product security, medical device regulations including FDA guidance, IEC 81001-5-1, IEC 62443, and ISO 14971, and compliance frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, ISO 27001, and HIPAA
- Working knowledge of secure software development lifecycle (SDLC) practices
- Strong scripting and automation skills (PowerShell, Python, or similar), along with excellent communication skills and the ability to convey technical concepts to non-technical audiences
- Demonstrated ability to work effectively with cross-functional teams and manage multiple priorities
Benefits
- medical, dental and vision plans
- FSA
- 401(k) plan with company matching
- unlimited Paid Time Off (PTO)
- approximately 15 paid company holidays per year
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity architectureidentity and access managementnetwork securityendpoint protectioncloud securitySIEMEDRvulnerability managementthreat modelingscripting
Soft skills
communication skillscross-functional collaborationincident response leadershipthreat huntingsecurity automationproject managementproblem-solvingtechnical concept communicationorganizational skillsteam management
Certifications
CISSPCCSPCISMCRISC