Product Security Manager

Job not on LinkedIn

🔥 16 hours ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of iRhythm Technologies, Inc.

iRhythm Technologies, Inc.

1001 - 5000 employees

Founded 2006

⚕️ Healthcare Insurance

🧬 Biotechnology

Healthcare Insurance • Biotechnology • Medical Technology

iRhythm Technologies, Inc. is a medical technology company that specializes in digital healthcare solutions for the management of cardiac arrhythmias. The company is best known for its ZioSuite, a comprehensive platform designed to deliver a streamlined solution for assessing heart health through advanced analytics and patient-centered data collection. iRhythm focuses on improving patient outcomes and optimizing the efficiency of healthcare providers through innovative technology in the cardiac monitoring space.

📋 Description

• Ensure compliance with FDA cybersecurity guidance and regulations in collaboration with Cybersecurity, Regulatory, Quality, and Systems Development teams. • Conduct comprehensive security risk assessments, including Cybersecurity Risk Assessments (CSRAs), to identify vulnerabilities and threats across device hardware, firmware, software, and cloud components. • Develop and maintain device-specific cyber threat models, factoring in patient safety, data privacy, and operational continuity. • Demonstrate familiarity with Software Bill of Materials (SBOM) and effectively communicate technical details. • Create and maintain cybersecurity documentation for pre- and post-market activities, ensuring regulatory alignment. • Produce detailed data flow diagrams to support the threat modeling process. • Participate in design reviews of medical device architectures and implementations, providing actionable recommendations for system security requirements. • Perform and support vulnerability analysis and coordinate the vulnerability management program, including scanning, patching, and remediation for medical devices. • Leverage and maintain application and threat detection tools (Veracode, Snyk, GitLab, or equivalent) to identify security flaws early in the SDLC. • Support investigation and remediation of device-related security incidents, minimizing impact and preventing recurrence. • Partner with the Privacy Team to ensure adherence to HIPAA, GDPR, and other data protection regulations.

🎯 Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field. • 8+ years of experience in information security, with direct focus on product security for medical devices. • Strong understanding of security principles, methodologies, and tools within the PDLC and SDLC. • Demonstrated experience conducting Cybersecurity Risk Assessments (CSRAs), vulnerability analysis, and working with modern threat detection tools (Veracode, Snyk, GitLab, or similar). • Familiarity with NIST Cybersecurity Framework, NIST SP 800-171, and deeper controls/frameworks such as NIST SP 800-53 (Security and Privacy Controls), NIST SP 800-92 (Log Management), and NIST SP 800-63 (Digital Identity Guidelines). • Hands-on experience with vulnerability identification and threat modeling within healthcare using methodologies such as STRIDE. • Experience operating in a regulated environment (FDA, HIPAA, GDPR, international regulatory frameworks). • Experience with medical device hardware or Software as a Medical Device (SaMD). • Experience with medical device software development and regulatory processes. • Excellent problem-solving, analytical, and communication skills, able to take a multi-siloed approach. • Ability to understand intro dependencies of teams across; mobile applications, hardware and cloud environments. • Proven track record of 510k experience and completion.

🏖️ Benefits

• Reasonable accommodations for qualified individuals with disabilities in job application procedures

Apply Now

Similar Jobs

🔥 16 hours ago

OhioHealth

10,000+ employees

⚕️ Healthcare Insurance

🧘 Wellness

📚 Education

Senior IT Project Manager overseeing IT healthcare projects with a focus on leadership and project compliance. Mentoring new project managers while managing customer-focused deliverables.

PMP

🔥 19 hours ago

Centene Corporation

10,000+ employees

⚕️ Healthcare Insurance

🤝 Non-profit

🌍 Social Impact

Lead Security Governance initiatives for Centene, enhancing enterprise security posture and compliance. Oversee security risk assessment and project execution to mitigate risks effectively.

🔥 19 hours ago

Later

51 - 200

🤝 B2B

🛍️ eCommerce

🌍 Social Impact

Senior Security Engineer at Later enhancing security posture through engineering and collaboration. Handling application, cloud security, compliance, and vulnerability management.

AWS

Azure

Cloud

Google Cloud Platform

Microservices

Terraform

🔥 19 hours ago

LMI

1001 - 5000

🤖 Artificial Intelligence

⚕️ Healthcare Insurance

🏛️ Government

Cybersecurity Engineer responsible for securing IronSled deployments in federal missions. Collaborating with teams to maintain compliance and validate security controls.

AWS

Cloud

Cyber Security

🔥 19 hours ago

Climb Channel Solutions NA

51 - 200

🔌 API

🔒 Cybersecurity

☁️ SaaS

Senior Product Security Engineer leading Product Security initiatives within Delinea's Cybersecurity team. Collaborating with various teams and driving the strategic direction of security architecture.

Cloud

Cyber Security

Docker

Kubernetes

Python