[Remote] Product Security Engineer - Medical Device/ FDA
Note: The job is a remote job and is open to candidates in USA. Avenue 45 is seeking a Product Security Engineer specializing in Medical Devices and FDA regulations. The role involves providing technical security expertise and supporting cybersecurity activities across product development and product-supporting systems, ensuring alignment with security policies and regulatory expectations.
Responsibilities
- Work closely with the Cybersecurity Product Security team to support enterprise product security initiatives and cybersecurity programs
- Provide technical product security leadership across product and R&D application development teams
- Translate security requirements, architecture, and risk assessments into actionable design and implementation guidance
- Review product and platform architectures, designs, and prototypes to ensure alignment with information security policies, standards, and guidelines
- Support secure-by-design principles throughout the product development lifecycle (SDLC)
- Participate as a product security subject matter expert in product development team meetings and design reviews
- Assist with and perform vulnerability assessments of products and product-supporting systems
- Support vulnerability scanning, reassessment, remediation validation, and patch/update tracking
- Collaborate with development teams and the Cybersecurity Product Security team to address identified security risks and vulnerabilities
- Serve as a security advisor to product, R&D, regulatory, quality, and commercial teams
- Support customer- and partner-facing product cybersecurity discussions
- Collaborate closely with the Cybersecurity Product Security team, GRC, and broader information security teams to ensure consistent application of cybersecurity standards and practices
- Participate in security reviews, risk assessments, and cybersecurity governance activities related to product development and product-supporting environments
- Stay current on product cybersecurity threats, trends, emerging attack techniques, and regulatory expectations
- Share security best practices, lessons learned, and secure development guidance with engineering teams
- Contribute to the continuous improvement of product security processes, standards, and tools
Skills
- Bachelor's degree in Cybersecurity, Computer Science, Engineering, or related field, or equivalent experience
- Min 6 – 8 years of experience with IT Security or Cybersecurity or related area
- Min 2 years of experience in product security, application security, or cybersecurity supporting software-based products in medical devices area
- Experience working in regulated environments. (FDA)
- Experience collaborating with cybersecurity, product security, engineering, and cross-functional business teams
- Strong understanding of secure architecture, application security, secure software development, and vulnerability management
- Familiarity with web applications, cloud platforms (AWS/Azure), Windows, and Linux
- Excellent communication skills and ability to work effectively across technical and business functions
- Self-motivated and able to operate with minimal supervision
- Ability to quickly understand complex product architectures and security requirements
- Familiarity with FDA medical device cybersecurity guidance and industry standards such as IEC 81001-5-1, AAMI TIR57/TIR97, or NIST SSDF
Benefits
- Remote contractor position
- 1099 or Corp-to-Corp base contract
- No w-2 contracts
- Must be able to pass and clear background check and Drug Test prior to starting
Company Overview