Software Engineer III (Cybersecurity Test Engineering, Post-Market Security)

Job Information Number
ICIMS-2026-9889
Job function
R&D
Job type
Full-time
Location
Werfen - Bedford - 180 Hartwell Road Bedford, Massachusetts 01730 United States
Country
United States
Shift
1st
About the Position Introduction

Werfen

Werfen is a growing, family-owned, innovative company founded in 1966 in Barcelona, Spain. We are a worldwide leader in specialized diagnostics in the areas of Hemostasis, Acute Care Diagnostics, Transfusion, Autoimmunity, and Transplant. Through our Original Equipment Manufacturing (OEM) business line, we research, develop, and manufacture customized assays and biomaterials. We operate directly in 30 countries, and in more than 100 territories through distributors. Our Headquarters and Technology Centers are located in the US and Europe, and our workforce is more than 7,000 strong.

Our success comes from a specific focus in these rapidly evolving diagnostic areas, our commitment to customers, and our dedication to innovation and quality. We're passionate about providing healthcare professionals the most valuable and complete solutions to improve hospital efficiency and enhance patient care.

Overview

Position Summary:

Under minimal supervision, as a member of the R&D Software Engineering team at Werfen, this role focuses on both offensive and defensive cybersecurity, as well as operational security. The primary responsibilities include identifying and validating vulnerabilities, mitigating risks, and ensuring compliance with regulatory standards to safeguard critical systems in highly regulated industries using software engineering tools and techniques available.

Responsibilities

Essential Functions:

• Participates as active member of the project team focusing on analyzing penetration test results, assessing attack patterns and severity, and collaborating with Red or developers
• Provide actionable remediation guidance to mitigate identified cybersecurity defects and risks.
• Manage and maintain vulnerability scanning tools, and secure test environments.
• Conduct fuzz testing to uncover unknown vulnerabilities and escalate critical findings.
• Reproduce and validate cybersecurity defects in controlled environments.
• Evaluate, Investigate and resolve cybersecurity issues/ fixes reported by customers, ensuring effective and timely solutions.
• Produce high-quality technical documentation to support compliance with regulatory standards such as FDA, HIPAA, and ISO 13485.
• Collaborate with development, IT, and product teams to ensure secure design and implementation of systems and products.

• Creates/Maintains software requirement/functional specifications
• Identifies interfaces between software components and/or hardware
• Creates/Maintains software (component) design documentation
• Creates/Maintains software source code that adheres to design documentation
• Performs unit testing and/or code reviews as per project policy
• Performs integration testing to ensure software functions within application and with devices
• Evaluates, investigates, and implements fixes to assigned software defects
• Evaluates, investigates, and implements assigned software change proposals

Key Relationships:

To be determined based on department needs, to include interactions such as:

• Provides level of effort for assigned software activities
• Tracks personal estimates over time in order to improve accuracy
• Effectively communicates technical information to a multidisciplinary team in the form of documentation, presentations and technical summaries.
• Makes recommendations or suggestions for department improvements
• Ability to work in a team environment of software developers and testers

Skills & Capabilities:

The ideal candidate for this position will exhibit the following skills and capabilities:

• Expertise in penetration testing tools (e.g., Nessus, Metasploit, Burp Suite) and fuzzing tools (e.g., Peach, AFL).
• Familiarity with secure software development lifecycles (SDLC).
• Familiarity with standards such as FDA, HIPAA, and ISO 13485.
• Strong technical writing skills for compliance, reporting, and regulatory submissions.
• Advanced knowledge in exploit chaining and vulnerability analysis.
• Industry-recognized certifications such as OSCP, CEH, GPEN, or equivalent.
• Experience with VMware ESXi and virtualized environments desirable.
• Strong knowledge of Linux systems.
• Experience in cybersecurity for medical devices or other highly regulated industries.
• Strong written and oral communications skills
• Ability to use software engineering tools: configuration, requirements, and defect management
• Ability to operate instrumentation

Qualifications

Minimum Knowledge & Experience Required for the Position:

Education :

• Associates Degree plus typically 4 to 10 years of related experience or Bachelor's Degree plus typically 4 to 8 years of related experience or Master's Degree plus typically 2 to 6 years of related experience or waiver based on experience. Degree should be in a technical discipline such as Chemistry, Math, Physics, Engineering, or Computer Science.

Experience:

• Programming expertise in Python, Bash, C, or C++.Hands-on expertise in offensive and defensive security and penetration testing methodologies.

Additional Skills/Knowledge:

• Proficiency with a personal computer and software packages
• Ability to use software engineering tools: configuration, requirements, and defect management
• Ability to handle many software components
• Language: English

Travel Requirements:

• < 5% of the time

The annual base salary range for this role is currently $110,000 to $140,000. Individual employee compensation will ultimately depend on factors including education, relevant experience, skillset, knowledge, and particular business needs.

This role is eligible for medical, dental, and vision insurance, 401k plan retirement benefits with an employer match, as well as paid vacation and sick leave. Our sales roles are eligible for participation in a commission plan and our management, and select professional roles, are eligible for a performance-based bonus.

If you are interested in constantly learning and being challenged on a daily basis we encourage you to submit your resume or CV.

Werfen is an Equal Opportunity employer and is committed to a diverse workplace. Werfen strictly prohibits unlawful discrimination, harassment or retaliation based upon an individual's race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other protected characteristic as defined by applicable state or federal law. If you have a disability and need an accommodation in relation to the online application process, please contact View email address on click.appcast.io for assistance.

We operate directly in over 30 countries, and in more than 100 territories through distributors. Annual revenue is approximately $2 billion and more than 7,000 employees around the world comprise our Werfen team.

Apply Now