Sr Principal Cybersecurity Engineer - Medical Device

At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where 'Health for all Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us.

If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.

As a Sr. Principal Cybersecurity Engineer for the Medical Device Cybersecurity group, you will play a crucial role in securing Bayer Radiology medical devices and software against potential cyber threats. Your responsibilities will include reviewing cybersecurity vulnerabilities, assessing the likelihood of exploitation, and evaluating potential impacts on the safety and effectiveness of Bayer Radiology medical devices. You will also design and develop solutions to mitigate cybersecurity risks associated with Bayer Radiology medical devices, software, and IT products.

This position is based in Indianola, PA, and visa sponsorship may be offered.

• Lead cybersecurity activities and provide expertise at the project level;
• Offer cybersecurity expertise and leadership across departmental projects;
• Interact with thought leaders to develop new product ideas;
• Document cybersecurity deliverables to comply with global medical device regulations;
• Lead cybersecurity assurance planning and document activities in the design history file;
• Define and document cybersecurity requirements, including clinical and business needs;
• Lead cybersecurity design reviews at the project level;
• Apply product and clinical application knowledge to identify threats and develop mitigations;
• Perform threat modeling on device security architecture and assess risks and mitigations;
• Lead continuous vulnerability management and incident responses in coordination with CSRM;
• Coordinate threat intelligence and advisory with CSRM for developed products;
• Support improvements in medical device cybersecurity processes;
• Independently plan and manage work activities to meet department objectives;
• Lead cross-functional teams on departmental projects;
• Provide technical consulting, leadership, and advice to peers and management;
• Maintain relationships with external technical experts and participate in standards creation;
• Communicate effectively and persuasively within and across departments;
• Demonstrate skill in independent analysis and synthesis of solutions for complex problems.

Bayer seeks an incumbent who possesses the following:

• Minimum of a High School Diploma/GED. Bachelor’s Degree in Cybersecurity Engineering, Computer Science, IT, or related field strongly preferred;
• 12+ years of recognized expertise in cybersecurity with significant depth in multiple technical specialties and hands‑on experience with product security technologies (e.g., Authentication, Encryption, Firewalls, Data Integrity);
• Experience in threat modeling, vulnerability analysis, security risk analyses, and security assessments;
• Proficiency in vulnerability testing, scanning, and associated tools (e.g., Wireshark, Metasploit, Nessus);
• Experience in cybersecurity incident response and investigations;
• Experience in security by design and reviewing security architectures;
• Experience in developing cybersecurity policies and procedures;
• Familiarity with cybersecurity regulations and standards such as NIST Framework, FIPS;
• Knowledge of data privacy standards such as HIPAA;
• Demonstrated skill in independent analysis and synthesis of solutions to complex problems;
• Excellent oral, written, and listening skills;
• Strong persuasion and consensus‑building skills with the ability to work in cross‑functional teams.

• Master’s Degree;
• Experience in FDA‑regulated medical device product development or similar regulated products;
• Relevant certifications such as CISSP, HCISSP.

This posting will be available for…