Principal Cyber Security Engineer

About MicroTransponder MicroTransponder, Inc. is dedicated to transforming the lives of stroke survivors through its innovative neurostimulation technology. The company's flagship product, the FDA-approved Vivistim® Paired VNS™ System, enhances stroke rehabilitation by pairing vagus nerve stimulation (VNS) with physical and occupational therapy. This approach leverages the brain's neuroplasticity to improve upper limb function, offering new hope to those with chronic arm and hand impairments following an ischemic stroke. By integrating this therapy into rehabilitation programs, MicroTransponder aims to help stroke survivors regain independence in daily activities and enhance their quality of life. The company's commitment to advancing stroke recovery is evident in its ongoing research and collaboration with healthcare providers to make this therapy accessible to more patients. About The Role The Principal Cybersecurity Engineer is a senior, hands-on role responsible for architecting, implementing, and operating cybersecurity programs across MicroTransponder’s corporate IT environment and medical device products, including the Vivistim Paired VNS Therapy system. Working in close partnership with the Director of IT and Cybersecurity, this role has significant influence on the company’s security strategy and plays a pivotal role in strengthening the overall security posture while supporting regulatory expectations for active implantable medical devices. The successful candidate will collaborate closely with internal teams including Quality, Operations, Regulatory, Clinical, IT, R&D, and Sales, as well as external partners and regulatory bodies, to integrate cybersecurity controls throughout product lifecycles and corporate operations. What You'll Do • Design and maintain enterprise cybersecurity architecture, including identity and access management, network security, endpoint protection, and cloud security • Implement and operate security technologies, including SIEM, EDR, vulnerability management, DNS filtering, email security, and network segmentation • Lead incident response, threat hunting, and security automation initiatives to improve detection, response, and recovery capabilities • Establish and lead the product security program for medical devices across their lifecycle in collaboration with R&;D, Quality, and Regulatory teams. • Conduct security risk assessments, threat modeling, and vulnerability analysis for active implantable medical devices • Facilitate alignment with FDA premarket and postmarket cybersecurity guidance and applicable standards including IEC 81001-5-1, IEC 62443, and ISO 14971 • Support postmarket cybersecurity activities, including vulnerability assessment coordinated disclosure, and remediation planning • Develop and maintain cybersecurity policies, procedures, and standards aligned with NIST Cybersecurity Framework, CIS Critical Security Controls, ISO 27001, and medical device regulations • Support regulatory compliance activities related to HIPAA, FDA 21 CFR Part 11, ISO 13485, and IEC 62304 • Oversee and guide enterprise patch management practices, including vulnerability prioritization, coordination with IT operations, and validation of remediation for critical systems • Administer and secure the company’s external web hosting environment, including configuration hardening, monitoring, penetration testing, and coordination with hosting vendors • Conduct third-party risk assessments, support internal and external audits, and participate in Design Assurance activities including FMEA Qualifications • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Electrical Engineering, or a related field from an accredited university, or equivalent practical experience • 8+ years of progressive cybersecurity experience, with experience in medical devices or other regulated industries strongly preferred • Professional certifications such as CISSP, CCSP, CISM, CRISC, or similar are strongly preferred • Experience securing enterprise productivity and collaboration environments, including Microsoft 365 and Google Workspace • Deep expertise in enterprise security architecture, identity and access management, cloud security, and security technologies such as SIEM, EDR, vulnerability management, and security driven patching • Experience with product security, medical device regulations including FDA guidance, IEC 81001-5-1, IEC 62443, and ISO 14971, and compliance frameworks such as NIST • Cybersecurity Framework, CIS Critical Security Controls, ISO 27001, and HIPAA • Working knowledge of secure software development lifecycle (SDLC) practices • Strong scripting and automation skills (PowerShell, Python, or similar), along with excellent communication skills and the ability to convey technical concepts to non- technical audiences • Demonstrated ability to work effectively with cross-functional teams and manage multiple priorities Equal Opportunity Employer MicroTransponder, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Benefits MicroTransponder provides a comprehensive benefits program to employees. It includes medical, dental and vision plans along with an FSA. Employees may participate in the company 401(k) plan with company matching. The company offers an unlimited Paid Time Off (PTO) program and approximately 15 paid company holidays per year. Apply now Apply tot his job