Jobs · Information Technology · Massachusetts

Sr. Product Security Engineer II

Glaukos Corporation · Burlington, MA · 3 wk ago
Information TechnologyFull-time

What You’ll Do

  • Define and drive implementation of technical security requirements and risk mitigations for new products and features.
  • Create and maintain security architecture diagrams and models, including trust boundaries, data flows, and security control placement.
  • Lead threat modeling for device features and connectivity use cases (local, network, cloud, removable media, service interfaces).
  • Specify and review security control designs for authentication/authorization, secure communications, cryptographic key handling, secure logging, secure storage, and secure update mechanisms.
  • Embed secure development practices into the engineering lifecycle: threat modeling, secure design reviews, secure coding, peer review criteria, and security gates for releases.
  • Work with IEC 81001-5-1 standard Platform Hardening (Windows and Linux Devices)
  • Partner with engineering teams to implement OS and application hardening measures, such as least privilege, service isolation, secure boot, host firewalling, and endpoint logging.
  • Establish technical standards for account management, privilege management, remote access/service modes, and secure debug/manufacturing workflows.
  • Firmware and Software Security Engineering
  • Work with firmware teams to improve security of embedded components, device interfaces, and update flows (signed firmware, integrity verification, rollback considerations).
  • Work with software teams to implement secure coding practices and standards.
  • Collaborate with QA to integrate automated security testing into regression and release pipelines.
  • Generate and maintain technical security artifacts used for FDA-aligned submissions and internal design controls.
  • Maintain records of vulnerability assessments, mitigations, and patch processes.
  • Support audit and inspection readiness with thorough, traceable documentation.
  • Vulnerability & Incident Management
  • Lead vulnerability assessment and mitigation activities for product software, firmware, OS components, and third-party libraries.
  • Cross-Functional Leadership
  • Act as the security subject matter expert across product teams.
  • Provide training and mentoring to engineers on secure design and coding practices.
  • Partner with compliance, regulatory, and quality teams to align product security strategy with organizational goals.

Similar jobs

Sr. Product Security Engineer

Rivian and Volkswagen Group TechnologiesPalo Alto, CA· 1 wk ago
Information Technology$163k–$204k/yrapply on jobs.ashbyhq.com