Senior Product Security Engineer

A Senior Product Security Engineer at Elekta supports product security across the organization, protecting customer systems globally. The role reports to the Chief Product Security Office / Head of Product Security and works embedded with multiple software and hardware development teams.

Your Responsibilities

• Bring technical security skills to support stakeholders such as Architecture, Engineering, IT, and Testing teams to implement security capabilities.
• Develop deliverables to meet medical device regulatory requirements globally.
• Implement end‑to‑end medical device risk assessments in alignment with SW96 risk assessment.
• Perform in‑depth analysis of security posture of hardware and software products independently and as part of engineering teams.
• Develop cybersecurity requirements for medical devices.
• Execute vulnerability assessments, penetration tests and secure code scanning.
• Track vulnerabilities identified in development, testing, and post‑market monitoring and work on resolutions and mitigations.
• Respond to cybersecurity questionnaires from customers.
• Support global teams for cybersecurity‑related requests.
• Serve as cybersecurity subject‑matter expert for software teams and the local site.
• Analyze security incidents to determine root cause.
• Keep up‑to‑date on emerging cybersecurity technologies and trends to help other employees understand the critical role of cybersecurity in product development.

Qualifications

• Bachelor’s degree in a related field or equivalent experience/training.
• 7+ years of experience in cybersecurity‑related job roles, preferably in product security and IT Security.
• Experience performing cybersecurity risk assessments and analysis following medical device standards.
• 3 years of experience working with software development.
• Experience with Linux, Windows, Citrix, and Network Operating Systems.
• Familiarity with FDA 524B, MDR, IEC/ISO, NMPA, ISO 27001, and NIST guidance.
• Understanding of the secure development lifecycle of medical devices and software including secure coding techniques, OWASP, and best practices.
• Experience in an FDA/MDR‑regulated field (Medical Device/Pharmacy) is a plus but not required.
• Experience in a DevSecOps role is a plus but not required.
• Threat hunting experience is a plus.
• Security certifications from (ISC)2, CompTIA, or similar are a plus but not required.

Benefits

• Up to 25 paid vacation days (plus bank holidays).
• Holiday Purchase Scheme.
• Private Medical Insurance.
• Attractive Employer Pension Contribution Package.
• Cycle‑to‑work scheme.
• Life Assurance.
• Onsite subsidized restaurant with budget‑friendly dining.
• Electric vehicle salary sacrifice scheme.

EEO Statement

We are an equal opportunity employer. We evaluate qualified applicants without regard to age, race, colour, religion, sex, sexual orientation, gender identity, genetic information, national origin, disability, veteran status, or any other protected characteristic.

How to Apply

Submit your application and résumé in English via the “Apply” button. Applications submitted by e‑mail are not accepted.

#J-18808-Ljbffr…