Staff Product Security Engineer
$151k - $196kiRhythm Technologies, Inc.
Role Description
We are seeking a Staff Product Security Engineer with proven experience in the medical device industry. In this role, you will safeguard medical devices by identifying, assessing, and mitigating security risks unique to healthcare technology. You will collaborate with cybersecurity, systems development, product development, product management, and quality and regulatory teams to ensure that security is embedded across the product development lifecycle (PDLC) and the secure software development lifecycle (SDLC), in alignment with FDA cybersecurity requirements.
Key Responsibilities
- Cybersecurity Strategy & Leadership:
- Provide senior-level cybersecurity leadership across product development, influencing secure design decisions at scale.
- Drive adoption and continuous improvement of the Secure Product Development Framework (SPDF) and secure SDLC practices.
- Translate complex cybersecurity risks into clear, actionable guidance for engineering and business stakeholders.
- Regulatory & Compliance:
- Ensure compliance with FDA cybersecurity guidance (including Section 524B) and global data privacy regulations (HIPAA, GDPR) in partnership with Regulatory, Quality, Privacy, and Cybersecurity teams.
- Develop and maintain cybersecurity documentation to support pre- and post-market regulatory requirements.
- Risk Management & Threat Modeling:
- Lead and mature cybersecurity risk management practices, including threat modeling, Cybersecurity Risk Assessments (CSRAs), and security design reviews.
- Develop and maintain threat models and data flow diagrams, incorporating considerations for patient safety, data privacy, and system integrity.
- Secure Architecture & Design:
- Advise on and review secure architectures across embedded systems, applications, cloud, and IoMT platforms.
- Participate in design reviews, providing actionable recommendations to strengthen system security requirements.
- Vulnerability & Security Operations:
- Oversee vulnerability management programs, including detection, scanning, remediation, and coordinated disclosure (PSIRT).
- Leverage application security and threat detection tools (e.g., Veracode, Snyk, GitLab) to identify and address vulnerabilities early in the SDLC.
- Support incident response and post-market monitoring, driving root cause analysis and preventive actions.
- Software Supply Chain & SBOM:
- Oversee SBOM management, third-party risk, and software supply chain security, ensuring transparency and risk mitigation across components.
- Cross-Functional Partnership:
- Partner closely with Product, R&D, Quality, Regulatory, Privacy, and Cloud teams to embed security throughout the product lifecycle and ensure alignment across stakeholders.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field
- 12+ years of experience in product security or related cybersecurity roles
- Deep expertise in securing complex, software-driven and safety-critical systems
- Strong knowledge of secure design, threat modeling, vulnerability management, and SDLC practices
- Experience operating in regulated environments (FDA, HIPAA, GDPR)
- Familiarity with frameworks such as NIST, ISO 14971, IEC 62304, and related standards
- Proven ability to influence cross-functional teams and drive security outcomes
- Experience with medical devices, healthcare technology, or IoMT systems
Preferred Qualifications
- Professional certifications such as CISSP, CISM, CRISC
- Experience with CI/CD security tooling (SAST, DAST, SCA) and shift-left practices
- Familiarity with global regulatory standards (EU MDR, GDPR, ISO/IEC 81001-5-1)
- Experience supporting SBOM programs and PSIRT operations
- Understanding of penetration testing methodologies
Location
Remote - US
Estimated Pay Range
$151,000.00 - $196,000.00
Company Description
iRhythm is a leading digital healthcare company that creates trusted solutions that detect, predict, and prevent disease. Combining wearable biosensors and cloud-based data analytics with powerful proprietary algorithms, iRhythm distills data from millions of heartbeats into clinically actionable information. Through a relentless focus on patient care, iRhythm’s vision is to deliver better data, better insights, and better health for all.
$107.7k - $285.9k
Role Description GitHub is transforming how the world builds secure software, and we are looking for a Product Security Engineer III to join our Product Security Engineering team. This is a hands-on engineering role focused on building internal security platforms, tooling...SuggestedFull time- Role Description We're hiring a Sr Product Security Engineer to do deep, hands-on security testing across BeyondTrust's product portfolio using AI as a force multiplier. You'll use Claude, Codex, and LLM-driven workflows to build threat hunting skills, develop fuzz factory...SuggestedFull time
$140k - $175k
Role Description We’re looking for a Senior Product Security Engineer who is passionate about partnering with engineers to assess and mitigate the security risk of our virtualization stack. You'll own the security risk posture for our virtualization stack by: ~Building...SuggestedFull timeLocal areaFlexible hours- ...~You are a deeply technical engineer who gets restless when pipelines... ...down. ~You care about shipping secure software! ~This is an individual-contributor Staff role, meaning technical... ...catch issues before they reach production. ~Systematically, consistently...SuggestedFull timeRemote workFlexible hours
- Role Description We are looking for a Product Security Engineer to join the team responsible for securing Action1’s multi-tenant SaaS product. In this role, you will work closely with engineering, product, and security teams to: ~Identify risks early ~Support vulnerability...SuggestedFull timeRemote work
$187k - $260k
Role Description Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform as we expand our AI and LLM-powered offerings. You will join the team responsible for safeguarding the application layer of Airtable...Full time- ...comfortable operating directly within the product development lifecycle—understanding how... ...applying that understanding to product security decisions, acceptance criteria, and release... .... ~Serve as advisor to product and engineering on security risk, architectural trade-...Minimum wageFull timeLocal area
$218k - $235k
Role Description We're seeking a Senior Product Security Engineer who is passionate about building and scaling robust security programs in an AI-forward engineering environment. Reporting to our Head of IT Operations & Information Security, you'll lead efforts to mature...Full timeRemote work$156k - $214.5k
Role Description At Bose, sound isn’t just a product — it’s part of how people experience the world. From music and entertainment... ...moments that matter every day. We’re looking for a Senior Product Security Engineer to help protect the systems and services behind those...Full time$127k - $165k
Role Description We are seeking a Senior Product Security Engineer with medical device experience who will ensure robust protection of patient data, device integrity, and regulatory compliance. In this role, you will partner with engineering, product management, regulatory...Full timeRemote work- ...Security Engineer At StackAI, security is at the heart of empowering companies to build AI assistants quickly and securely. We're looking... ...security strategy, embedding best practices across engineering and product teams to safeguard data and systems. Build and Lead the...Remote work
$187k - $260k
...Airtable to transform how work gets done. Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our... ..., and strategic planning for the security team. ~(Senior/Staff L5+) Lead complex threat modeling sessions for major product...For contractorsLive inRemote work- ...Product Security Engineer Software Guidance & Assistance, Inc., (SGA), is searching for a Product Security Engineer for a contract assignment with one of our premier SaaS clients in Lehi, UT. Also open to remote candidates. We are seeking a Product Security Engineer...Contract workRemote work
$144k - $191k
...Product Security Engineer Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century's most innovative companies...Full timeWork experience placementImmediate start$105.5k - $168.8k
...imagination and passion of all of us—from design and engineering to the manufacturing and marketing of our billions of MedTech products per year—to look at the impossible and find... ...Description Summary: The Product Security Engineer is responsible for supporting the...Hourly payWork at officeRemote workShift work$157.25k - $198.88k
...Product Security Engineer USA Our healthcare system is the leading cause of personal bankruptcy in the U.S. Every year, over 50 million Americans suffer adverse financial consequences as a result of seeking care, from lower credit scores to garnished wages. The challenge...Work at officeRemote workWork from homeFlexible hours- ...Product Security Engineer Software Guidance & Assistance, Inc., (SGA), is searching for a Product Security Engineer for a contract assignment with one of our premier SaaS clients in San Jose, CA or McLean, VA. This role is open to remote in these locations. The ideal...Contract workRemote work
$96k - $132k
...job-you will find purpose and pride. Your role at Baxter At Baxter Healthcare Corporation, we invite a driven Senior Product Security Engineer who is passionate about contributing to healthcare improvements. This opportunity puts you on the frontline of cybersecurity...Temporary workLocal areaRemote workVisa sponsorshipWork visaFlexible hoursShift work$217k - $303.9k
Role Description Reddit is hiring a Staff Product Security Engineer to make the secure path the easiest path for engineers and AI agents. You'll lead the design and delivery of secure frameworks, paved paths, and workflow-native controls that eliminate recurring vulnerability...Full timeFor contractors$102k - $177.1k
Role Description Johnson & Johnson’s MedTech cybersecurity team is recruiting for an experienced Principal Product Security Engineer. The role can be remote-based or located onsite in Danvers, MA or Raritan, NJ. This role will require up to 10% travel. As the world’s...Full timeImmediate startRemote work- ...continuously evolve a suite of internal security tools and platforms — including: ~Vulnerability... ...The successful candidate will engineer scalable, well-tested, end-to-end web applications... ...engineering experience building production web applications end-to-end. ~Strong...Full time
$201.3k - $352.3k
Role Description The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce... ...make a positive impact. ServiceNow seeks a senior staff-level product security engineer to serve as a senior technical authority within the Product...Full timeFlexible hours$95k - $110k
...Description You’ll be responsible for helping secure PTC by providing cyber security expertise... ...and networks. Additionally, the Security Engineer assists in the development of cyber... ...years of experience in Application Security, Product Security, or Software Security...Full timeWork at officeFlexible hours$165k - $185k
Role Description We are seeking an experienced and motivated Staff Product Security Engineer to join our growing Security team. This individual will be responsible for the end-to-end security of our consumer products, digital platform, and an emerging hardware device...Full timeWork at officeRemote workWork from homeFlexible hours$180k - $240k
Role Description We are seeking a seasoned and highly accomplished Senior Staff Product Security Engineer to join our security leadership team. This is a senior individual contributor role that carries significant organizational influence. You will define the technical...Full timeWork at officeLocal areaRemote workWork from homeFlexible hours$174.2k - $293.7k
Role Description SailPoint’s Cybersecurity organization is seeking a Staff Product Security Engineer with a passion for cybersecurity and protecting the organization. The ideal candidate combines strong application security expertise with practical software engineering...Full timeTemporary workRemote workFlexible hoursShift work$180k - $247k
...Secure Every Identity, from AI to Human Identity is the key to unlocking the potential of AI. Okta secures AI by building... ...building a world where Identity belongs to you. The Staff Product Security Engineer Opportunity The Security team's mission is to strengthen...Local areaRemote workWorldwideFlexible hours$160k - $250k
Role Description Help us protect the Security Cloud from the most advanced threats! CrowdStrike's Product Security team breaks the mold of traditional security teams... ...to CrowdStrike's products and platform. As a Sr. Engineer II, Product Security, you will serve as a...Full timeWork at office$40 per hour
A cybersecurity firm is seeking experienced professionals to evaluate AI-generated security content and solve technical security problems. This flexible position allows you to work remotely from various countries, including the US and Canada. Responsibilities include evaluating...Remote jobHourly payFlexible hours$30 - $50 per hour
Role Overview As a Product Security Engineer, you will embed security into the software lifecycle for platforms that handle AI/ML data operations. You will help secure services supporting data labeling, content safety labeling, RLHF evaluation, and model evaluation tooling...Hourly payRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Staff Product Security Engineer. Be the first to apply!










