Principal Product Security Engineer
Not Disclosed•Full-TimeHybrid
location_on181, South Euclid Avenue, Pierre, Buckeye Township, Hughes County, South Dakota, 57501, United States
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.
This role is part of the newly formed Product Security team within the Technology Enterprise Strategy & Security function. We operate within a "Patient First!" culture, ensuring that security is implemented by design for our top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards, directly influencing patient lives through robust security practices.
As a Principal Product Security Engineer, you will own the Product Security process, encompassing both pre-market and post-market phases that engineering teams leverage throughout the product development lifecycle. You will partner with diverse engineering teams—including cloud, console, and pump development—to drive successful adherence to Abiomed's product security policies, processes, and program objectives.
In this role, you will act as a Subject Matter Expert (SME) on cybersecurity matters, providing guidance to development teams and advocating for the proactive inclusion of security input into all phases of the product life cycle. Your work will involve strategic product roadmap planning, process improvements, and managing Corrective and Preventive Actions (CAPAs). You will guide teams to make decisions that balance business needs with medical device security objectives, working across organizational boundaries with empathy for both internal and external customers.
We are searching for the best talent to join our community of collaborative colleagues. If you are passionate about security and eager to leverage your skills to make a difference, we invite you to apply. Remote work options may be considered on a case-by-case basis and if approved by the Company. Candidates selected for this position in Danvers, MA, are expected to be at the office for a minimum of 3 days per week.
Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants' needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center or contact AskGS to be directed to your accommodation resource.
Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status, or other characteristics protected by federal, state, or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
Work model: Hybrid
181, South Euclid Avenue, Pierre, Buckeye Township, Hughes County, South Dakota, 57501, United States
Pierre, South Dakota
Experience working in a regulated environment, specifically FDA-regulated.
Skills: Nist Cybersecurity Framework, Iso27001, Soc2, Hipaa, GDPR, Fedramp, Iso 27001, Security Risk Management, Threat Models, Sbom.
Education: Bachelor's degree required.
