Principal Engineer (Penetration Tester Lead), Global Product Cybersecurity Job

Company Name: Boston Scientific

Location: Arden Hills, MN, US - 55112

Job Duration: 2021-07-22 to 2021-08-21


Additional Locations:


Diversity – Innovation – Caring – Global Collaboration – Winning Spirit – Caring – High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.


About the role:
Boston Scientific is seeking a product cybersecurity engineer whose primary responsibility is to provide program management to Boston Scientific’s medical device penetration testing program.  This role offers a unique opportunity for a highly skilled security professional to be involved in improving the security posture of Boston Scientific’s medical systems and devices – across all specialties.


The candidate must have a combination of strong communication and technical skills in order to implement and support the functional and technical aspects of the penetration testing program and work collaboratively with a team of internal staff and consultants to execute its components.  He/she will work alongside a team of analysts, IT/R&D engineers and architects, supporting pre and post market penetration testing activities.  The ideal candidate will have a penetration testing background and be looking for using those skills combined with coordination expertise to lead the testing program and development of a robust internal testing team.  He/she is expected to have time to maintain proficiencies in performing penetration testing.  

This role is part of the Global Research and Development organization, reporting directly to the Sr. Manager of Product Cybersecurity.

Your responsibilites include: 

  • Lead coordination efforts for penetration tests using external consultants and internal employees.
  • Communicate clearly with all stakeholders to ensure successful penetration tests and to advocate for security wherever possible.
  • Provide lessons learned and summaries of penetration tests to other internal stakeholders in order to advance the security of all product lines.
  • Refine and report on penetration testing program metrics.
  • Mentor internal penetration testers.
  • Serve as a subject matter expert on penetration testing to senior management and testing team.
  • Provide recommendations on testing equipment and training needs for the team.
  • Knowledge sharing – use your experience to improve context on pen-test targets and prioritize the most relevant threat vectors.
  • Continuously grow your skills through education, training, conferences, or other means.
  • Work independently to identify and close knowledge gaps.
  • Engage and contribute to team discussions to ensure all voices and perspectives are included.
  • Mindset of ownership and continuous improvement –drive positive change on the team through proactive work.

Additional Requirements:

  • Foster a diverse workplace that enables all participants to contribute to their full potential in pursuit of organizational objectives.
  • May lead and control the activities in one or more functional areas, divisions, product groups, projects/programs and/or operations.
  • Monitor and ensure compliance with company policies and procedures (e.g. federal/country and regulatory requirements).


What we’re looking for: 

  • Bachelor’s degree or higher; Master’s degree preferred
  • Background/experience in Research & Development and/or Information Technology,
  • 3+ years of penetration testing experience and/or experience directing a penetration testing program.  Systems engineers with a focus on product security will also be considered.
  • Experience in a regulated environment (e.g. aerospace, defense, medical device manufacturer, or health care organizations).
  • Drive and a passion for securing products.
  • Cybersecurity certifications (e.g. CEH, CISSP, CSSLP).



Requisition ID: 476500


As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!


At Boston Scientific, we recognize that nurturing a diverse and inclusive workplace helps us be more innovative and it is important in our work of advancing science for life and improving patient health. That is why we stand for inclusion, equality, and opportunity for all. By embracing the richness of our unique backgrounds and perspectives, we create a better, more rewarding place for our employees to work and reflect the patients, customers, and communities we serve. Boston Scientific is proud to be an equal opportunity and affirmative action employer.


Boston Scientific maintains a drug-free workplace. Pursuant to Va. Code § 2.2-4312 (2000), Boston Scientific is providing notification that the unlawful manufacture, sale, distribution, dispensation, possession, or use of a controlled substance or marijuana is prohibited in the workplace and that violations will result in disciplinary action up to and including termination.