Description

Job Title
Product Security Engineer - Interventional Vascular Medical Device (Bedford, MA)

Job Description

Product Security Engineer - Interventional Vascular Medical Device (Bedford, MA)

We are seeking a Product Security Engineer to lead and execute the cybersecurity practices that protect our portfolio of medical devices used in interventional vascular procedures. In this role, you will own the Secure Product Development Lifecycle (SPDLC) from defining the standards and processes to implementing them across product teams and continuously evolving them in line with the latest industry best practices. Your work directly supports patient safety, regulatory compliance, and the integrity of life-critical devices.

Your role:

• Define and govern the Secure Product Development Lifecycle (SPDLC) by authoring, maintaining, and improving SOPs and work instructions aligned with standards for medical devices. Ensure these processes support interventional vascular device development.
• Drive implementation of SPDLC practices across engineering teams, embedding secure design, threat modeling, secure coding, and vulnerability management into daily workflows. Ensure teams are trained, equipped, and held accountable.
• Continuously enhance security practices by integrating evolving tools, technologies, and industry standards. Keep the organization aligned with regulatory expectations and emerging threats.
• Lead threat modeling, security risk assessments, and architecture reviews throughout the product lifecycle. Ensure risks are clearly documented, prioritized, and mitigated.
• Support regulatory compliance and operational security by producing cybersecurity documentation, managing vulnerabilities and incidents, and collaborating cross-functionally. Partner with R&D, quality, and regulatory teams to balance security, safety, usability, and time-to-market.

You're the right fit if:

• You bring 5+ years of experience in product/application security, embedded systems security, or a related engineering discipline as an individual contributor.
• You have strong skills in secure development lifecycle (SDL) processes, threat modeling, secure coding, vulnerability assessment, and penetration testing; working knowledge of medical device cybersecurity standards (IEC 81001-5-1, AAMI TIR57, FDA guidance, IEC 62304) and embedded/connected device constraints; bonus: experience in regulated medical device environments (ideally interventional vascular/cardiovascular), SBOM management, ISO 14971/13485 and 21 CFR 820, and embedded cryptography/secure boot/secure communications/key management.
• You hold a Bachelor's degree in Computer Science, Electrical/Biomedical Engineering, Cybersecurity, or a related field (or equivalent experience); bonus: security certifications such as CISSP, CSSLP, GIAC, or OSCP.
• You demonstrate strong technical writing and regulatory documentation skills, translate standards into actionable engineering processes, collaborate cross-functionally and influence without authority, and maintain a continuous-improvement mindset with sound judgment balancing patient safety, security, and product delivery.
• You must be able to successfully perform the following minimum Physical, Cognitive and Environmental job requirements with or without accommodation for this position .

How we work together:

We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company's facilities. Field roles are most effectively done outside of the company's main facilities, generally at the customers' or suppliers' locations.

This is an onsite role and will be in the office 5 days a week.

About Philips:

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help improve the lives of others.

• Learn more about our business .
• Discover our rich and exciting history.
• Learn more about our purpose.
• Learn more about our culture.

Philips Transparency Details:

The pay band for this position in MA is $157,000 - $249,00.

The actual base pay offered may vary within the posted ranges depending on multiple factors including job-related knowledge/skills, experience, business needs, geographical location, and internal equity.

In addition, other compensation, such as an annual incentive bonus, sales commission or long-term incentives may be offered. Employees are eligible to participate in our comprehensive Philips Total Rewards benefits program, which includes a generous PTO, 401k (up to 7% match), HSA (with company contribution), stock purchase plan, education reimbursement and much more. Details about our benefits can be found here .

At Philips, it is not typical for an individual to be hired at or near the top end of the range for their role and compensation decisions are dependent upon the facts and circumstances of each case.

Additional Information:

• US work authorization is a precondition of employment. The company will not consider candidates who require sponsorship for a work-authorized visa, now or in the future.
• Company relocation benefits will not be provided for this position. For this position, you must reside in or within commuting distance to Bedford, MA

This requisition is expected to stay active for 45 days but may close earlier if a successful candidate is selected or business necessity dictates. Interested candidates are encouraged to apply as soon as possible to ensure consideration.

Philips is an Equal Employment and Opportunity Employer including Disability/Vets and maintains a drug-free workplace.