Sr. Product Security Engineer, Software; On site- San Diego, CA office

Position: Sr. Product Security Engineer, Software (On site- San Diego, CA office)
* Career development with an international company where you can grow the career you dream of.
* Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year.
* An excellent retirement savings plan with a high employer contribution
* Tuition reimbursement, the  student debt program, and  education benefit - an affordable and convenient path to getting a bachelor’s degree.
* A company recognized as a great place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune.
* A company that is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists.

This (Software Development) Sr. Product Security Engineer role works
** on site daily
** in our
** San Diego, CA
** location in
** Abbott Rapid Diagnostics, Infectious Diseases business
** unit. Our diagnostic solutions are used in hospitals, laboratories, and clinics around the globe. The crucial information derived from our tests, instruments, and informatics systems is often the first step in patient care decision-making for hundreds of health conditions from heart attacks to blood disorders to infectious diseases and cancers.

We’re offering a hands-on
** software development
** opportunity for a
** Sr. Product Security Engineer.
** This role focuses on
** integrating cybersecurity into the product lifecycle**, ensuring our devices meet regulatory requirements and protect patient safety. We first need someone that is a software engineer, and then secondly someone interested in Cyber Security.
* Participate in threat modeling and security architecture reviews for embedded medical devices and supporting software.
* Coding in Python, Java, and understand Scripting languages.
* Collaborate with engineering, quality, and regulatory teams to apply secure-by-design principles throughout development.
* Support risk assessments and contribute to risk mitigation strategies aligned with FDA and international cybersecurity guidance.
* Implementation of security risk controls and operating system hardening.
* Assist with penetration testing and vulnerability assessments of firmware, hardware interfaces, and software components.
* Help define and maintain security requirements, secure coding practices, and design controls.
* Stay current with emerging threats and vulnerabilities relevant to embedded systems and healthcare technologies.
* Contribute to regulatory documentation and support audits with evidence of cybersecurity controls.
* Share cybersecurity best practices with development teams and support internal training efforts.
* Formulates and implements research and development programs, policies, and procedures required to support profitable growth.
* Interfaces with appropriate internal and external resources to ensure intellectual property is appropriately protected.
* Provides technical assistance for diagnosing design and manufacturing quality problems.
* Guides development and documentation of test plan protocols, standard operating procedures, specifications and test procedures.
* Complies with U.S. Food and Drug Administration (FDA) regulations, other regulatory requirements, Company policies, operating procedures, processes, and task assignments.  Maintains positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.
* Contribute to the development of security controls for new and existing embedded diagnostic devices, including secure boot, firmware integrity, authentication, and encryption.
* Assist in security risk management activities following ISO 14971, IEC 62304, and FDA cybersecurity guidance.
* Support incident response planning and post-market surveillance for cybersecurity events.
* Help ensure alignment with Abbott’s Quality Management System (QMS) and contribute to continuous improvement of cybersecurity processes.
* Apply knowledge of regulatory and industry standards (e.g., NIST CSF, ISO 27001, IMDRF, EU MDR) in day-to-day work.
* ** Use your knowledge of programming languages such as…