Senior Product Cybersecurity Engineer (Hybrid Boston)
Boston, NH - USA
Job Summary
We are constantly looking to add to our core talent. If you are seeking a career that is challenging and rewarding, and a work environment that is diverse and dynamic, look no further. Haemonetics is your employer of choice.
Job Details
Secure the next generation of medical and cloud-connected healthcare products
At Haemonetics, we design technologies that directly impact patient safety and clinical outcomes. We are seeking a Senior Product Security Engineer who will play a critical role in embedding security throughout the lifecycle of our medical devices and cloud-based healthcare solutions.
In this role, you will collaborate closely with software, embedded, cloud, quality, and regulatory teams to ensure that security is built into every stage, from concept and development to release, monitoring, and post-market operations. You will influence secure design decisions, strengthen our DevSecOps practices, and help maintain the safety and regulatory integrity expected in the healthcare environment.
What You Will Do
You will serve as a core partner across product engineering, embedding security into medical device and SaMD development while strengthening our cloud, DevSecOps, and vulnerability management practices.
Secure Product Development & SaMD Security
You will help product teams build secure systems from the ground up by:
- Integrating security into the SDLC through secure design reviews, threat modeling, and requirements definition.
- Performing architecture and threat-modeling reviews for device firmware, cloud services and APIs, and the mobile/web applications that support our devices.
- Defining and validating controls for authentication, authorization, encryption, and data protection.
- Working with Quality and Regulatory teams to ensure cybersecurity requirements are traceable, documented, and audit-ready.
Cloud & Backend Product Security (AWS)
You will secure the AWS-based backends that power our medical and SaMD platforms by:
- Designing and reviewing secure cloud architectures using AWS services.
- Implementing product-focused logging, monitoring, and threat-detection capabilities.
DevSecOps & Supply Chain Security
You will enhance product resilience and build confidence in our supply chain by:
- Integrating security tooling into CI/CD pipelines (SAST, DAST, dependency and container scanning, secrets detection).
- Establishing SBOM practices and governing third-party components.
- Defining secure standards for container images, including hardening, scanning, and signing.
- Supporting secure build processes, artifact signing, and release integrity.
Vulnerability Management & Post-Market Cybersecurity
You will help products remain secure after launch by:
- Supporting vulnerability intake, triage, prioritization, and remediation across device, software, and cloud environments.
- Contributing to coordinated disclosure, advisories, and post-market cybersecurity requirements.
- Working with incident response to investigate and contain product-related security events.
Technical Leadership
You will be a trusted advisor and mentor by:
- Serving as the product security subject matter expert for engineering teams.
- Guiding secure design decisions and establishing practical, usable security patterns.
- Driving continuous improvement in product security maturity.
Who You Are
You are a hands-on security engineer with strong product and application security experience, and you are comfortable working across embedded, cloud, and software systems in regulated healthcare environments. You bring:
- 7 years of cybersecurity engineering experience with a focus on product/application security.
- Direct experience securing medical devices, connected devices, or SaMD in regulated settings.
- Strong understanding of secure SDLC, DevSecOps, threat modeling, OWASP Top 10, and API security risks.
- Hands-on experience with AWS cloud security for product backends.
- Familiarity with frameworks like NIST CSF, NIST 800-53, and ISO 27001.
- The ability to collaborate effectively with Engineering, Quality, Regulatory, and Product teams.
Preferred experience:
Knowledge of IEC 62304, ISO 14971, ISO 13485, FDA cybersecurity guidance, UL 2900, AAMI TIR57/TIR97, EU MDR, and IEC; exposure to CSPM, CIEM, or cloud workload protection tools.
Certifications:
CISSP, CISM, Security+, CySA+, or GIAC (GSEC, GWAPT, GPEN).
Strongly preferred: AWS Certified Security Specialty, CCSP.
You are also comfortable with tools such as AWS IAM/VPC/ECS/Lambda/S3/RDS/KMS/CloudTrail/GuardDuty, Veracode SAST/DAST and SBOM tooling, AWS CI/CD pipelines, and Terraform.
What Success Looks Like
Success in this role means security becomes a natural, expected part of how we design and ship products, not a late-stage hurdle. You help ensure that:
- Products are architected with strong security foundations from day one.
- Our cloud and device platforms are secure, observable, and resilient.
- Vulnerabilities are handled quickly, with clear processes and effective remediation.
- Post-market cybersecurity meets the expectations of regulators, clinicians, and customers.
- Engineering teams grow stronger through your mentorship and security leadership.
Pay Transparency:
The base pay actually offered to the successful candidate will take into account, without limitation, the candidate's location, education, job-knowledge, skills, and experience in prior relevant roles. Incentives may also be provided as part of Haemonetics employee compensation. For sales roles, employees will be eligible for sales incentive (i.e., commission) under the applicable plan terms. For non-sales roles, employees will be eligible for a discretionary annual bonus, the target amount of which varies based on the applicable role, to be governed by the applicable plan terms. Employees may also be eligible to participate in the Company's long-term incentive plan, with eligibility and target amount dependent on the role.
In addition to compensation, the Company offers a competitive suite of benefits to its employees, including, without limitation, a 401(k) with up to a 6% employer match and no vesting period, an employee stock purchase plan, flexible time off for salaried employees and, for hourly employees, accrual of three to five weeks vacation annually (based on tenure), accrual of up to 64 hours (annually) of paid sick time, paid and/or floating holidays, parental leave, short- and long-term disability insurance, tuition reimbursement, and/or health and welfare benefits.
Depending on your location, you may be eligible for more detailed information related to the compensation and benefits related to this job posting. If you believe you may be entitled to such information by law, you may contact 1- Monday through Friday, 7:30 a.m. to 5 p.m. ET, or email .
The base salary range for this role is:
$101074.94-$172098.56/Annual
Required Experience:
Senior IC
About Company
Haemonetics provides a suite of innovative medical technology solutions that improve the quality, effectiveness and efficiency of care. We challenge ourselves to think big and make new possibilities a reality, so that our customers can make it matter for patients, every single day.