Principal Med Device Security Engineer

Johnson & Johnson

Remote

Quick summary

  • Work type: Remote
  • Location: Danvers, MA · SC · NV · ME · PA
  • Salary: $102,000–$177,100 / yr
  • Posted: 3 days ago

Market check

Salary context

Below market

[Chart: how this pay compares to similar roles. Similar roles: $167k; this role: $140k; scale from $90k to $215k, with a shaded band marking what most similar roles pay.]

This role pays less than 80% of similar roles. Most pay $142,400–$192,162 — the shaded band above. At the midpoint, this role pays about $140k versus about $167k for comparable roles.

Based on 240 similar postings.

Employer

About Johnson & Johnson

Johnson & Johnson is a multinational corporation operating in three main segments: consumer health products, pharmaceuticals, and medical devices, known for brands like Tylenol, Band-Aid, and Janssen.

Industry: Pharmaceuticals & Medical Devices

Johnson & Johnson currently has 63 open roles on FindRole.

Listed pay typically runs $122,000–$201,250 across 63 roles with salary data.

At a glance

TL;DR · Principal Med Device Security Engineer

Johnson & Johnson’s MedTech cybersecurity team is seeking a Principal Product Security Engineer to join the Product Cybersecurity group in Danvers, MA or Raritan, NJ, with up to 10% travel. This role involves implementing J&J’s enterprise Product Security strategy for medical devices like Impella heart pumps and connected systems, ensuring robust security across development phases from pre-market through post-market support. Key responsibilities include defining secure boot mechanisms, enforcing cryptographic protocols, managing key infrastructure, conducting real-time vulnerability assessments, and overseeing OTA updates while adhering to FDA guidelines and NIST standards. The ideal candidate has 8+ years of industry experience in information security, with a focus on embedded systems and medical device cybersecurity, along with expertise in threat modeling, risk assessment, and regulatory compliance.

What you'll do

  • Define and implement secure boot mechanisms to protect device firmware.
  • Enforce cryptographic protocols for data security in compliance with FDA requirements.
  • Develop real-time vulnerability assessment techniques for wireless communications.
  • Implement Zero Trust security models for device-to-cloud connectivity.
  • Lead Secure Development Lifecycle practices, integrating threat modeling and analysis.
  • Work with R&D Engineering to define hardware security architecture and protections.
  • Respond to customer cybersecurity questionnaires and contractual language post-market.

What we're looking for

  • 8+ years of industry experience in Information Security
  • 5+ years of experience with embedded systems, IoT, or medical device cybersecurity
  • Experience generating threat models and performing risk assessments using CVSS 3.1
  • Knowledge of regulatory compliance for FDA Cybersecurity Guidance (2025), EU MDR, NIST 800-53, IMDRF, AAMI TIR57
  • Ability to translate technical security requirements into solutions and provide secure coding recommendations
  • Strong communication and collaboration skills with the ability to influence at all levels of the organization
  • Experience supporting regulatory security submissions and third-party penetration testing
