Product Security Engineer

eNGINE builds Technical Teams. We are a Solutions and Placement firm shaped by decades of interaction with Technical professionals. Our inspiration is continuous learning and engagement with the markets we serve, the talent we represent, and the teams we build. Our Consulting Workforce is encouraged to enjoy career fulfillment in the form of challenging projects, schedule flexibility, and paid training/certifications. Successful outcomes start and finish with eNGINE.eNGINE is hiring a Senior Product Security Engineer to join our team and play a critical role in securing real-world, life-saving medical devices. This is not a purely advisory role—this position requires deep, practical engineering experience working directly with embedded systems and physical products.You will partner closely with R&D and product teams to embed security into the design, development, and regulatory lifecycle of connected medical devices, ensuring compliance with global standards while advancing modern security practices.What You’ll Do:Lead and execute product security engineering activities across the full development lifecycle for network-connected embedded medical devicesPerform hands-on security work including triage, scripting, testing, and validation of product security controlsDrive threat modeling initiatives and guide teams in identifying and mitigating risks in both new and existing productsSupport Software Bill of Materials (SBOM) and VEX vulnerability management, including tooling and process improvementsImplement and support Coordinated Vulnerability Disclosure (CVD) processesPartner with engineering teams to design and integrate security controls, including encryption, authentication, and access controlsDevelop and maintain traceability artifacts and documentation required for regulatory submissionsSupport FDA cybersecurity requirements and approval processes, including pre- and post-market guidanceCollaborate with cross-functional teams to produce risk assessments, security test reports, and mitigation strategiesStay current on emerging threats, technologies, and regulatory requirements, and share insights across the organizationContribute to and maintain secure development policies and standardsWhat You Bring:Hands-on product security engineering experience—ideally working with physical or embedded devices (medical device experience strongly preferred)Proven experience navigating FDA regulatory frameworks and participating in FDA approval processesStrong background in embedded systems and embedded Linux environmentsSolid understanding of networking fundamentals, including TCP/IP, secure communications, and certificate-based systemsExperience using Python for scripting, automation, or lightweight toolingFamiliarity with application security and testing tools (SAST, DAST, IAST, OSS scanning, fuzzing, etc.)Deep knowledge of industry security frameworks and standards, including:FDA Pre- and Post-Market Cybersecurity GuidanceIEC 62304, TIR57NIST Cybersecurity FrameworkGlobal regulations (EU MDR, NMPA, etc.)Basic Qualifications:Bachelor’s degree in Computer Science, Electrical/Computer Engineering, or related discipline5+ years of experience in cybersecurity, with a focus on medical devices or healthcare technology5+ years of product security experienceWhat Sets You Apart:Ability to bridge engineering and regulatory worlds, effectively communicating with both developers and FDA auditorsStrong bias toward hands-on execution, not just policy or oversightExperience building scalable security processes for high-impact, regulated productsPassion for improving security in life-critical systemsNo C2C, relocation, referral candidates, or sponsorship for this role.For finer details on how eNGINE can impact your career, apply today!