Senior Cybersecurity Engineer (Hybrid or Remote) at Q Bio

Redwood City, California, United States

Apply Now

$170,000 – $200,000Compensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Healthcare, Medical DevicesIndustries

Requirements

Expertise in Secure Software Development Lifecycle (SDLC) integration for FDA-regulated medical devices
Experience leading threat modeling and security risk analysis (per ISO 14971)
Knowledge of FDA 510(k) submissions, IEC 62304, and medical device security standards
Ability to author, review, and own cybersecurity documentation for regulatory submissions
Skills in vulnerability management, penetration testing, and remediation planning
Experience developing incident response plans and vulnerability disclosure policies
Proficiency in compliance frameworks like SOC 2, HIPAA, NIST CSF
Background in security architecture reviews and risk assessments for IT and cloud infrastructure (AWS/GCP/Azure)
Expertise in vendor/third-party risk management programs
Knowledge of Identity & Access Management (IAM) and principle of least privilege

Responsibilities

Integrate security best practices and tools into every phase of the product development lifecycle (SDLC)
Lead and perform threat modeling and security risk analysis for medical device software
Author, review, and own cybersecurity documentation for FDA 510(k) and post-market plans; ensure alignment with FDA guidance and standards
Serve as primary cybersecurity SME for regulatory interactions, FDA submissions, and audits
Partner with teams to define and document security requirements, controls, and architecture
Manage and coordinate third-party penetration testing, internal vulnerability assessments, and remediation plans
Develop, implement, and maintain incident response plans for product security events
Continuously assess security posture, perform gap analyses against standards (SOC 2, HIPAA, NIST CSF), and own strategic roadmap
Lead SOC 2 certification and HIPAA compliance initiatives; develop and manage security controls and policies
Develop, implement, and enforce company-wide information security policies, procedures, and standards
Conduct security reviews and risk assessments of corporate IT and cloud infrastructure; implement security controls
Establish and manage vendor/third-party risk assessment and monitoring program
Oversee and improve IAM policies and solutions

Skills

Key technologies and capabilities for this role

SDLCThreat ModelingISO 14971FDA 510(k)IEC 62304Regulatory ComplianceMedical Device SecurityRisk AnalysisSecurity Architecture

Questions & Answers

Common questions about this position

What is the salary range for the Senior Cybersecurity Engineer position?

The salary range is $170,000 - $200,000 a year.

Is this role remote or hybrid, and what are the location requirements?

The role is offered as hybrid or remote.

What key skills and experiences are required for this cybersecurity role?

Key skills include expertise in Secure Software Development Lifecycle (SDLC), threat modeling and risk analysis (ISO 14971), FDA and regulatory compliance (IEC 62304), vulnerability management, penetration testing, and compliance frameworks like SOC 2 and HIPAA.

What is the company culture like at Q Bio?

This information is not specified in the job description.

What makes a strong candidate for this Senior Cybersecurity Engineer role?

Strong candidates will have deep experience in medical device security within FDA-regulated environments, including SDLC integration, threat modeling, regulatory documentation for FDA 510(k), and leading compliance initiatives like SOC 2 and HIPAA.

Q Bio

Offers preventive health assessments and monitoring

About Q Bio

Q.bio specializes in preventive medicine by detecting early signs of disease before symptoms occur, which allows for timely interventions. Their main product, the Q Exam, collects health data from various sources and stores it in a personalized BioVault, accessible through a telemedicine-friendly Q Dashboard. Unlike competitors, Q.bio offers a comprehensive health assessment and a subscription model for continuous monitoring, empowering clients to manage their health proactively. The company's goal is to transform healthcare by providing detailed insights that facilitate early disease detection.

San Carlos, CaliforniaHeadquarters

2015Year Founded

$65.2MTotal Funding

LATE_VCCompany Stage

HealthcareIndustries

11-50Employees