Cybersecurity Risk Analyst Jobs in Minnesota (NOW HIRING)

Additional Location(s): US-MN-Arden Hills

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.           

Boston Scientific is seeking a Product Cybersecurity Engineer to lead and support critical post-market cybersecurity activities within the Cardiac Rhythm Management (CRM) Research and Development (R&D) organization. This role focuses on operationalizing security processes and ensuring compliance with quality systems, while maintaining the security posture of the company’s products, applications, and supporting infrastructure. The engineer will also assist in implementing cybersecurity plans for individual CRM products.

The ideal candidate combines strong technical expertise with excellent communication skills to execute and support both functional and technical aspects of the cybersecurity strategy. This position requires close collaboration with internal teams and external consultants to deliver secure, compliant solutions.

As part of the CRM R&D organization, the engineer will work alongside analysts, IT/R&D engineers, and architects to address pre- and post-market product security needs. Responsibilities include application security, vulnerability assessments, threat modeling, penetration testing, security tool implementation, hospital cybersecurity inquiries, and contract reviews, among other key initiatives.

Work model, sponsorship, relocation:

This role follows an onsite work model. Employees are expected to work from our Arden Hills, MN office at least four days per week. Boston Scientific will not offer sponsorship or take over sponsorship of an employment visa for this position. Relocation assistance is not available for this position.

Your responsibilities will include: 

• Support and manage applicable tools for pre and post market security testing, support integration of the tools into the quality processes.
• Support post-market activities to identify known/unknown vulnerabilities associated with Boston Scientific’s products, including new/sustaining products, providing inputs/technical expertise to multiple teams to eliminate/mitigate identified cybersecurity risks. 
• Monitor changes in security controls of products and update the product inventory and tracking database as needed and communicate to stakeholders.
• Support negotiations of hospital cybersecurity agreements by reviewing technical clauses with Legal and Research & Development subject matter experts.
• Support, as needed, security risk assessment and threat modelling services for CRM products businesses and product development life cycle. 
• Support, as needed, application security reviews and vulnerability/penetration testing of Boston Scientific’s medical devices and software.

Qualifications:

Required qualifications:

• Bachelor’s degree or higher
• 8+ years of Research & Development or Information Technology experience, preferably in cybersecurity roles in medical device development or health care organizations.
• Drive for learning cybersecurity and a passion for securing products.
• Experience with vulnerability analysis of Windows and Linux operating systems as well as software.
• Experience across various OS platforms such as Windows, MacOS, Linux, and Mobile (iOS, Android).
• General understanding of cybersecurity techniques, controls, and methodologies from frameworks such as NIST Special Publications and ISO standards.

Preferred qualifications:

• Cybersecurity certifications (e.g. Network+, Security+, CSSLP, HCISPP, CEH, CISSP) a plus.

Requisition ID: 626235 

Minimum Salary: $ 85000 

Maximum Salary: $ 161500 

The anticipated compensation listed above and the value of core and optional employee benefits offered by Boston Scientific (BSC) – see www.bscbenefitsconnect.com—will vary based on actual location of the position and other pertinent factors considered in determining actual compensation for the role. Compensation will be commensurate with demonstrable level of experience and training, pertinent education including licensure and certifications, among other relevant business or organizational needs. At BSC, it is not typical for an individual to be hired near the bottom or top of the anticipated salary range listed above.

Compensation for non-exempt (hourly), non-sales roles may also include variable compensation from time to time (e.g., any overtime and shift differential) and annual bonus target (subject to plan eligibility and other requirements).

Compensation for exempt, non-sales roles may also include variable compensation, i.e., annual bonus target and long-term incentives (subject to plan eligibility and other requirements).

For MA positions: It is unlawful to require or administer a lie detector test for employment. Violators are subject to criminal penalties and civil liability.

Boston Scientific transforms lives through innovative medical technologies that improve the health of patients around the world. As a global medical technology leader for more than 45 years, we advance science for life by providing a broad range of high-performance solutions that address unmet patient needs and reduce the cost of healthcare. Our portfolio of devices and therapies helps physicians diagnose and treat complex cardiovascular, respiratory, digestive, oncological, neurological and urological diseases and conditions. Learn more at www.bostonscientific.com and follow us on LinkedIn.

Boston Scientific Corporation has been and will continue to be an equal opportunity employer. To ensure full implementation of its equal employment policy, the Company will continue to take steps to assure that recruitment, hiring, assignment, promotion, compensation, and all other personnel decisions are made and administered without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, gender expression, veteran status, age, mental or physical disability, genetic information or any other protected class.

Please be advised that certain US based positions, including without limitation field sales and service positions that call on hospitals and/or health care centers, require acceptable proof of COVID-19 vaccination status.  Candidates will be notified during the interview and selection process if the role(s) for which they have applied require proof of vaccination as a condition of employment.  Boston Scientific continues to evaluate its policies and protocols regarding the COVID-19 vaccine and will comply with all applicable state and federal law and healthcare credentialing requirements.   As employees of the Company, you will be expected to meet the ongoing requirements for your roles, including any new requirements, should the Company’s policies or protocols change with regard to COVID-19 vaccination.

Among other requirements, Boston Scientific maintains specific prohibited substance test requirements for safety-sensitive positions.  This role is deemed safety-sensitive and, as such, candidates will be subject to a prohibited substance test as a requirement.  The goal of the prohibited substance testing is to increase workplace safety in compliance with the applicable law.