Cybersecurity Product Lead – Medical Devices

Analog Devices, Inc. (NASDAQ: ADI) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay ahead of what's possible.

Learn more at  and on Linked In and Twitter (X).

Analog Devices (NASDAQ: ADI) designs and manufactures semiconductor products and solutions that help our customers intelligently interpret the world around them—bridging the physical and digital worlds with unmatched technologies that sense, measure, and connect.

The Software and Digital Platforms team at Analog Devices is seeking an experienced Cybersecurity Product Lead – Medical Devices to provide cybersecurity leadership and regulatory governance across a designated portfolio of FDA‑regulated medical device products. In this role, you will define, govern, and execute the cybersecurity strategy across one or more medical device products throughout the full product lifecycle, with a primary focus on FDA‑regulated development and 510(k) submissions.

You will serve as the cybersecurity product owner and regulatory lead, ensuring security requirements are embedded into design controls, risk management, and software lifecycle processes in compliance with FDA cybersecurity guidance and internal Quality Management System (QMS) procedures.

The role partners closely with Engineering, Quality, Regulatory Affairs, Clinical, and Corporate IT Security teams to ensure cybersecurity is designed in from the outset, well‑documented, and defensible during regulatory reviews and audits. The position also requires close coordination with software engineering teams and the broader product security organization to drive strategic security initiatives while identifying, assessing, and mitigating cybersecurity risks across the software development lifecycle.

• Develop, review, govern, and execute QMS‑regulated, cadence‑based cybersecurity policies and procedures, managing ISMS execution to ensure repeatable, auditable operations and compliance with regulatory requirements, including FDA cybersecurity guidance.
• Act as the single point of accountability for cybersecurity decisions impacting product risk, regulatory posture, and release scope.
• Serve as a cybersecurity subject matter expert (SME) in FDA inspections, internal audits, and regulatory engagements.
• Continuously evaluate and enhance the organization’s cybersecurity program to adapt to evolving threats, risks, and operational challenges.
• Collaborate closely with Corporate IT Security teams to leverage enterprise tools, platforms, and infrastructure that support product portfolio security requirements.
• Partner with engineering teams to design secure system architectures, review designs, and ensure security control alignment with both product and corporate standards.
• Ensure cybersecurity requirements are fully integrated into Design Inputs, Design Outputs, Verification, and Validation activities under FDA Design Controls.
• Support engineering teams in the development of required cybersecurity‑related design control documentation, including risk analyses and supporting evidence.
• Implement and oversee security monitoring tools and technologies, analyzing alerts and logs to detect, investigate, and respond to security threats as appropriate.
• Establish and enforce access control mechanisms for sensitive systems and resources while fostering a strong culture of security awareness and accountability.
• Evaluate the cybersecurity posture of third‑party vendors and service providers by establishing and maintaining vendor risk management processes.
• Develop and lead incident response procedures, coordinate investigations, manage response efforts with internal and external stakeholders, and implement corrective actions to prevent…