Senior/Principal Product Security Engineer

Mondo

Danvers, Massachusetts

JOB DETAILS
SALARY
$70–$85 Per Hour
SKILLS
Architectural Analysis, Bill of Materials (BOM), Computer Security, Cross-Functional, Delivery Management, Documentation, FDA (Food and Drug Administration), ISO (International Organization for Standardization), Internet Security, Maintain Compliance, Medical Equipment, Metrics, Microsoft Excel, Microsoft Word, Product Documentation, Product Engineering, Quality Management, Requirements Management, Requirements Validation/Verification, Research & Development (R&D), Risk, Risk Analysis, Risk Management Framework (RMF), Security Analysis, Threat Modeling, Threat and risk analysis (TRA), Urology
LOCATION
Danvers, Massachusetts
POSTED
30+ days ago

Apply now: Senior/Principal Product Security Engineer, location is Remote. The start date is ASAP for this contract position.

Job Title: Senior/Principal Product Security Engineer
Location-Type: Remote
Start Date Is: ASAP
Duration: 9-12 month contract
Compensation Range: $70-85/hr W2
Benefits: Eligible for Health, Dental, Vision, 401K
Must be authorized to work in the U.S. This position is not eligible for sponsorship.

Job Description:
Lead hands-on product security documentation and risk deliverables for regulated MedTech devices supporting FDA submission readiness.

Day-to-Day Responsibilities:

  • Pull and complete templates within the Quality Management System (QMS)
  • Own and drive product security documentation end-to-end (Word/Excel)
  • Conduct threat modeling, risk assessments, and cybersecurity evaluations
  • Collaborate with R&D software teams to gather requirements and validate findings
  • Develop and maintain product security plans and vulnerability reports (SOUP, MDS)
  • Perform vulnerability analysis using CVSS and software bill of materials (SBOM)
  • Ensure alignment with FDA premarket cybersecurity guidance and ISO 14971
  • Route completed documentation for internal review and approval
  • Manage multiple deliverables (up to ~6 per product) simultaneously

Requirements:

  • Must-Haves:
    • 5–6 years of experience in product security or cybersecurity engineering
    • Hands-on experience in regulated MedTech or similar highly regulated environment
    • Proven ownership of threat models, cybersecurity architecture, and risk assessments
    • Experience with vulnerability management (CVSS, SBOM, SOUP reports)
    • Strong experience working within a QMS and driving documentation to completion
    • Familiarity with FDA premarket cybersecurity guidance
    • Knowledge of ISO 14971 risk management frameworks
    • Ability to work cross-functionally with R&D and engineering teams
  • Nice-to-Haves:
    • Experience supporting FDA submissions for medical devices
    • Background in urology or similar medical device domains
    • Experience managing multiple concurrent compliance deliverables
    • Exposure to cybersecurity metrics and reporting frameworks

 

About the Company

M

Mondo