Senior Security Engineer – Medical Device Cybersecurity & Compliance at Arrow Electronics

Ahmedabad, Gujarat, India

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Medical Devices, HealthcareIndustries

Requirements

Minimum 6 years of experience in cybersecurity
At least 3 years of experience in medical devices, embedded systems, or IoT security
Strong understanding of IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97
Proven track record in authoring security design, defining technical requirements, and documenting security architectures
Hands-on experience in embedded system security including secure boot, firmware security, threat modeling techniques (e.g., STRIDE, DREAD), and product-level risk assessments
Demonstrated expertise in vulnerability management and penetration testing of connected products
Familiarity with data privacy and interoperability standards such as HIPAA, GDPR, and HL7 (highly desirable)

Responsibilities

Drive end-to-end cybersecurity integration across the medical device product development life cycle
Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation
Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures
Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT components, and connected systems
Collaborate closely with development, compliance, and regulatory teams
Support SBOM management, software supply chain risk evaluations, and third-party component analysis
Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems
Assist in developing incident response strategies
Address data privacy and healthcare-specific regulatory concerns (HIPAA, GDPR, HL7)
Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies

Skills

Key technologies and capabilities for this role

IEC 81001-5-1IEC 60601-4-5AAMI TIR 57AAMI TIR 97STRIDEDREADsecure bootfirmware securitythreat modelingpenetration testingvulnerability managementembedded systems securityIoT securityHIPAAGDPRHL7

Questions & Answers

Common questions about this position

What experience level is required for this Senior Security Engineer role?

The role requires a minimum of 6 years of experience in cybersecurity, with at least 3 years focused on medical devices, embedded systems, or IoT security, and overall 5-10 years experience level.

What key technical skills are needed for this position?

Candidates need hands-on experience in embedded system security including secure boot, firmware security, threat modeling (e.g., STRIDE, DREAD), vulnerability management, penetration testing, and strong knowledge of standards like IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97.

Is this a remote position or what is the location policy?

This information is not specified in the job description.

What is the salary or compensation for this role?

This information is not specified in the job description.

What makes a strong candidate for this Senior Security Engineer position?

A strong candidate will have proven experience authoring security designs, conducting penetration testing on embedded devices, deep knowledge of medical device regulations like IEC 81001-5-1, and familiarity with data privacy standards such as HIPAA and GDPR.

Arrow Electronics

Global provider of technology solutions and services

About Arrow Electronics

Arrow Electronics provides technology solutions that support innovation for technology manufacturers and service providers. The company develops and delivers high-tech solutions that improve business operations and everyday life. Its offerings include computing, power management, and Internet of Things (IoT) applications. Arrow collaborates with clients to create complex technology systems, such as smart battery ecosystems for electric motorbikes and wearable health monitoring devices for firefighters. Unlike many competitors, Arrow not only sells technology products but also offers consulting and engineering services to help clients design and implement customized systems. The goal of Arrow Electronics is to drive innovation and enhance efficiency and quality of life through its comprehensive technology solutions.

Englewood, ColoradoHeadquarters

1935Year Founded

IPOCompany Stage

Hardware, Enterprise Software, AI & Machine LearningIndustries

10,001+Employees

Risks

Increased competition in cloud services could impact Arrow's growth.

Rapid technological changes in IoT may challenge Arrow's innovation pace.

Supply chain vulnerabilities, especially in semiconductors, could disrupt product delivery.

Differentiation

Arrow Electronics offers comprehensive technology solutions across multiple industries.

The company collaborates with clients to engineer complex technology systems.

Arrow's business model includes consulting and engineering services for customized solutions.

Upsides

Growing demand for IoT security solutions presents expansion opportunities for Arrow.

Increased investment in smart city projects boosts demand for Arrow's integrated systems.

Rising interest in sustainable tech aligns with Arrow's electric motorbike technologies.

Land your dream remote job 3x faster with AI

Try Jobo Free