Senior Product Security Engineer; Hybrid Boston

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Haemonetics Software Solutions
Full Time, Part Time position
Listed on 2026-03-02
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Position: Senior Product Security Engineer (Hybrid Boston)
We are constantly looking to add to our core talent. If you are seeking a career that is challenging and rewarding, a work environment that is diverse and dynamic, look no further — Haemonetics is your employer of choice.

Job Details

You will work directly with software, embedded, cloud, quality, and regulatory teams to ensure security is built into product design, development, release, and post-market operations, aligned with healthcare safety and regulatory expectations.

This role is hybrid (3 days per week) in Boston, located at 125 Summer Street, Boston, MA. Preference will be given to candidates who reside within current commuting distance of Boston.

Key Responsibilities:

Secure Product Development & SaMD Security
* Embed security into the medical device and SaMD SDLC, including secure design reviews, threat modeling, and security requirements definition.
* Perform threat modeling and architecture reviews for:
  + Device software and firmware
  + Cloud-connected services and APIs
  + Mobile and web applications supporting medical devices
* Define and validate security controls for authentication, authorization, encryption, and data protection in patient-impacting systems.
* Partner with Quality and Regulatory teams to ensure cybersecurity requirements are documented, traceable, and auditable.

Cloud & Backend Product Security (AWS)
* Secure AWS-hosted product backends supporting medical devices and SaMD.
* Design and review security architectures using AWS services
* Implement product-focused logging, monitoring, and threat detection

DevSecOps & Supply Chain Security
* Integrate security testing into CI/CD pipelines, including SAST, DAST, dependency scanning, container scanning, and secrets detection.
* Establish and maintain SBOM practices and third-party component governance for medical device software.
* Define and enforce secure standards for container images, including hardening, scanning, signing, and runtime protections.
* Support secure build, artifact signing, and release integrity controls.

Vulnerability Management & Post-Market Cybersecurity
* Support product vulnerability intake, triage, and remediation across device software and cloud services.
* Assist with vulnerability disclosure, security advisories, and post-market cybersecurity activities.
* Collaborate with incident response teams to investigate and contain product-related security events.

Technical Leadership
* Serve as the product security subject matter expert for engineering teams.
* Mentor engineers and influence secure design decisions through practical guidance and standards.
* Drive continuous improvement in product security maturity and resilience.

Required Qualifications:

* 7+ years of experience in cybersecurity engineering with a strong focus on product and application security.
* Direct experience securing medical devices, connected devices, or SaMD in a regulated healthcare environment.
* Strong understanding of:
  + Secure SDLC and DevSecOps practices
  + Threat modeling methodologies
  + OWASP Top 10 and API security risks
* Hands-on experience with AWS cloud security in support of products and services.
* Familiarity with healthcare and product security frameworks, including NIST CSF/800-53 and ISO 27001.
* Ability to work effectively across Engineering, Quality, Regulatory, and Product teams.

Preferred Qualifications:

* Experience with medical device standards and guidance, including:
  + IEC 62304, ISO 14971, ISO 13485
  + FDA cybersecurity expectations, UL 2900, AAMI TIR57/TIR97
  + EU MDR and IEC 81001‑5‑1
* Exposure to CSPM, CIEM, or cloud workload protection platforms.

Certifications (One or More Required)
* CISSP (ISC²) or CISM (ISACA)
* CompTIA Security+ or CySA+
* GIAC certifications (e.g., GSEC, GWAPT, GPEN)

Strongly Preferred
* AWS Certified Security – Specialty
* CCSP (ISC²)

Tools & Technologies
* Cloud: AWS (IAM, VPC, ECS, Lambda, S3, RDS, KMS, CloudTrail, GuardDuty)
* Product Security: Veracode - SAST/DAST, dependency & container scanning, SBOM
* DevOps: AWS CI/CD pipelines, Infrastructure as Code (Terraform)

Pay Transparency:
The base pay actually offered to the successful candidate will take into account,…

Position Requirements
10+ Years work experience