×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Principal Cloud Security Engineer

Remote / Online - Candidates ideally in
Danvers, Essex County, Massachusetts, 01923, USA
Listing for: Johnson & Johnson
Per diem, Remote/Work from Home position
Listed on 2026-02-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Job Description & How to Apply Below

Job Function

Technology Enterprise Strategy & Security

Job Sub Function

Security & Controls

Job Category

Scientific/Technology

Job Location s

Danvers, Massachusetts, United States of America
Raritan, New Jersey, United States of America

Job Description

We are seeking the best talent for a Principal Cloud Security Engineer to join our Med Tech Product Security team. The role can be based in Danvers, or Raritan, NJ. Remote work options may be considered on a case-by-case basis and if approved by the Company. This role can also be remote or hybrid work. This role will require up to 20% travel.

As the world’s most comprehensive Med Tech business, J&J Med Tech Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world. With our unparalleled breadth, depth and reach across heart recovery, surgery, orthopedics and interventional solutions, we’re working to profoundly change the way care is delivered.

We are in this for life. For more information, visit

At Johnson & Johnson, we all belong.

Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that’s you, we have an immediate opportunity for a Sr. Manager Medical Devices Product Security to join the Product Cybersecurity team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards.

You will own the Product Security process for the products that you will support throughout the product development lifecycle which includes both pre-market and post-market processes engineering teams. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you.

Purpose

The Principal Cloud Security Engineer will be responsible for implementation of J&J’s enterprise Product Security strategy and framework throughout the Heart Recovery portfolio of medical devices and supporting platforms. This role will join Abiomed, part of Johnson & Johnson Med Tech, to provide technical expertise and strategic leadership in securing Impella heart pump technologies, next-generation cardiac support systems, and connected medical devices.

This role is responsible for delivering security architecture, cryptographic controls, embedded system protections/controls, and threat mitigation techniques to ensure robust, regulatory-compliant security across the product lifecycle. Specific responsibilities include supporting heart recovery throughout a new product’s development phases, review product security requirements and recommend security design solutions, complete Quality documentation, threat modelling, coordinate third-party penetration testing, software architecture review and design recommendations, code analysis and other security testing work as needed.

Additionally, this position will have post market responsibilities for Heart Recovery marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to customer security questionnaires and reviewing security language within contractual agreements as needed.

  • Drive alignment of the Cloud security controls and documentation to the J&J Product Security’s overarching framework.
  • Define and prioritize compliance with the FDA Pre-Market Guidance Appendix 1
  • Define the security requirements required USA 510k, EU MDR, and Japan PDMA compliance
  • Support the Product Security strategy and objectives within Heart Recovery
  • Define and Enforce cryptographic protocols for data-at-rest and data-in-transit, ensuring compliance with FDA cybersecurity requirements, NIST 800-175, FIPS 140-3, and IEC 62443.
  • Define and implement key management infrastructure (PKI, cloud-based HSMs)) for device identity, authentication, and software signing.
  • Implement Zero Trust security for device-to-cloud connectivity, integrating mTLS and continuous authentication models into clinical…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search