Product Security Engineer - Regulatory Compliance; Medical Devices

Job Description

Trident Consulting is seeking a “Sr. Product Security Engineer” for one of our clients in “Burlington, MA” — a global leader in pharmaceutical and medical technology.

Position: Sr. Product Security Engineer – Medical Devices

Location: Burlington, MA (Onsite)

Type: Fulltime

Job Summary

Seeking a Senior Product Security Engineer to lead product security across the lifecycle, ensuring compliance with FDA, ISO, NIST, and OWASP standards. Role includes security architecture, secure SDLC, Dev Sec Ops , vulnerability management, and regulatory documentation.

• Define security architecture, threat modeling, and risk mitigation
• Implement Secure SDLC (secure coding, code reviews, OWASP practices)
• Secure CI/CD pipelines, Dev Sec Ops , secrets & supply chain security (SBOM)
• Perform security testing (SAST, DAST, SCA, fuzzing, penetration testing)
• Manage vulnerability assessment, incident response, CVE tracking, patching
• Develop regulatory documentation (FDA, ISO 14971, IEC 81001-5-1)
• Collaborate with Engineering, QA, Dev Ops, and Compliance teams

• 7–10 years in Product Security / Application Security / Cybersecurity
• Strong in Security Architecture, Threat Modeling, Vulnerability Management
• Experience with Embedded Systems / IoT Security / Connected Devices
• Expertise in Dev Sec Ops , CI/CD Security, Docker/Kubernetes, Cloud (AWS/Linux)
• Hands‑on with SAST, DAST, SCA, Pen Testing tools
• Knowledge of Cryptography (TLS, encryption, key management)
• Familiar with NIST 800-53/30, ISO 27001, ISO 14971, OWASP, CWE, SBOM (SPDX, Cyclone
  
  DX)
• Experience in regulated industries (Medical Device / Automotive / Aerospace / Defense)

• Experience as Product Security Lead / Security SME
• Exposure to FDA cybersecurity guidelines & audits
• Experience with security automation in CI/CD

• Bachelor’s in CS / Engineering / Cybersecurity
• Master’s preferred