Principal Product Cybersecurity Engineer

We are constantly looking to add to our core talent. If you are seeking a career that is challenging and rewarding, a work environment that is diverse and dynamic, look no further - Haemonetics is your employer of choice.

Job Details

Key Responsibilities

Secure Product Development & SaMD Security

• Embed security into the medical device and SaMD SDLC, including secure design reviews, threat modeling, and security requirements definition.
• Perform threat modeling and architecture reviews for:
  • Device software and firmware
  • Cloud-connected services and APIs
  • Mobile and web applications supporting medical devices
• Define and validate security controls for authentication, authorization, encryption, and data protection in patient-impacting systems.
• Partner with Quality and Regulatory teams to ensure cybersecurity requirements are documented, traceable, and auditable.

Cloud & Backend Product Security (AWS)

• Secure AWS-hosted product backends supporting medical devices and SaMD.
• Design and review security architectures using AWS services
• Implement product-focused logging, monitoring, and threat detection

DevSecOps & Supply Chain Security

• Integrate security testing into CI/CD pipelines, including SAST, DAST, dependency scanning, container scanning, and secrets detection.
• Establish and maintain SBOM practices and third-party component governance for medical device software.
• Define and enforce secure standards for container images, including hardening, scanning, signing, and runtime protections.
• Support secure build, artifact signing, and release integrity controls.

Vulnerability Management & Post-Market Cybersecurity

• Support product vulnerability intake, triage, and remediation across device software and cloud services.
• Assist with vulnerability disclosure, security advisories, and post-market cybersecurity activities.
• Collaborate with incident response teams to investigate and contain product-related security events.

Technical Leadership

• Serve as the product security subject matter expert for engineering teams.
• Mentor engineers and influence secure design decisions through practical guidance and standards.
• Drive continuous improvement in product security maturity and resilience.

Required Qualifications

• 10+ years of experience in cybersecurity engineering with a strong focus on product and application security
• Direct experience securing medical devices, connected devices, or SaMD in a regulated healthcare environment.
• Strong understanding of:
  • Secure SDLC and DevSecOps practices
  • Threat modeling methodologies
  • OWASP Top 10 and API security risks
• Hands-on experience with AWS cloud security in support of products and services.
• Familiarity with healthcare and product security frameworks, including NIST CSF/800-53 and ISO 27001.
• Ability to work effectively across Engineering, Quality, Regulatory, and Product teams.

Preferred Qualifications

• Experience with medical device standards and guidance, including:
  • IEC 62304, ISO 14971, ISO 13485
  • FDA cybersecurity expectations, UL 2900, AAMI TIR57/TIR97
  • EU MDR and IEC 8100151
• Exposure to CSPM, CIEM, or cloud workload protection platforms.
• Certifications (One or More Required)
• CISSP (ISC) or CISM (ISACA)
• CompTIA Security+ or CySA+
• GIAC certifications (e.g., GSEC, GWAPT, GPEN)

Strongly Preferred

• AWS Certified Security - Specialty
• CCSP (ISC)
• Tools & Technologies
• Cloud: AWS (IAM, VPC, ECS, Lambda, S3, RDS, KMS, CloudTrail, GuardDuty)
• Product Security: Veracode - SAST/DAST, dependency & container scanning, SBOM
• DevOps: AWS CI/CD pipelines, Infrastructure as Code (Terraform)

EEO Policy Statement

Pay Transparency:

The base pay actually offered to the successful candidate will take into account, without limitation, the candidate's location, education, job-knowledge, skills, and experience in prior relevant roles. Incentives may also be provided as part of Haemonetics' employee compensation. For sales roles, employees will be eligible for sales incentive (i.e., commission) under the applicable plan terms. For non-sales roles, employees will be eligible for a discretionary annual bonus, the target amount of which varies based on the applicable role, to be governed by the applicable plan terms. Employees may also be eligible to participate in the Company's long-term incentive plan, with eligibility and target amount dependent on the role.

In addition to compensation, the Company offers a competitive suite of benefits to its employees, including without limitation, a 401(k) with up to a 6% employer match and no vesting period, an employee stock purchase plan, "flexible time off" for salaried employees and, for hourly employees, accrual of three to five weeks' vacation annually (based on tenure), accrual of up to 64 hours (annually) of paid sick time, paid and/or floating holidays, parental leave, short- and long-term disability insurance, tuition reimbursement, and/or health and welfare benefits.

Depending on your location, you may be eligible for more detailed information related to the compensation and benefits related to this job posting. If you believe you may be entitled to such information by law, you may contact View phone number on click.appcast.io, Monday through Friday, 7:30 a.m. - 5 p.m. ET or email View email address on click.appcast.io.

The base salary range for this role is:

$103,600.00-$176,400.00/Annual