Responsibilities
Perform application security assessments across software products, cloud services, and supporting infrastructure.
Provide security input to threat models, including identification of risks, mitigations, and residual risk.
Plan, coordinate, and manage penetration testing activities, including scoping, execution, and remediation tracking.
Review, analyze, and interpret penetration test and vulnerability assessment results.
Partner with IT and engineering teams to validate findings, recommend mitigations, and track remediation to closure.
Support preparation of cybersecurity documentation for regulatory submissions, including FDA 510(k) filings and NIST requirements.
Apply NIST-based cybersecurity frameworks and guidance to application, infrastructure, and product security efforts.
Partner with the Product Security team to align application security practices with product risk management processes.
Contribute technical input to security artifacts such as threat models, vulnerability assessments, and cybersecurity risk documentation
Collaborate with engineering, quality, and regulatory stakeholders to ensure security requirements are understood and addressed.
Contribute to continuous improvement of application security processes, standards, and documentation.
Assist in responding to internal and external security assessments, audits, and regulatory inquiries related to cybersecurity.
Qualifications
Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field, or equivalent experience.
8+ years of experience in cybersecurity with a focus on application security, penetration testing, infrastructure security, or product security.
Experience supporting cybersecurity activities in a regulated environment such as medical devices or healthcare technology.
Demonstrated experience working with NIST cybersecurity standards and frameworks.
Experience supporting or contributing to FDA regulatory submissions, including 510(k) documentation, from a cybersecurity perspective.
Skills:
Strong application security testing and vulnerability assessment skills.
Hands-on experience managing and interpreting penetration testing activities.
Working knowledge of secure software development practices and threat modeling methodologies.
Ability to communicate security risks and recommendations clearly to technical and non-technical stakeholders.
Strong project managment, analytical, documentation, and problem-solving skills.
To apply for this job please visit irhythmtech.wd5.myworkdayjobs.com.
