Remote Senior Cybersecurity Engineer (Hybrid or Remote)

at Q Bio

Description:

  • At Q Bio, we are transforming healthcare by combining AI, Physics, and Biology to automate the physical exam, making preventive, personalized care accessible to all.
  • We are hiring a Senior Cybersecurity Engineer to join our dynamic team, focusing on embedding security throughout our product lifecycle.
  • You will be instrumental in designing, building, automating, and maintaining the secure deployment and monitoring of our cutting-edge products.
  • The salary for this position ranges from $170,000 to $200,000 a year.

What You Will Do:

  • Product & Medical Device Security (FDA Regulated Environment):

    • Integrate security best practices and tools into every phase of the product development lifecycle, from design and requirements to coding, testing, and deployment.
    • Lead and perform threat modeling and security risk analysis (per ISO 14971) for new and existing medical device software.
    • Author, review, and own all cybersecurity-related documentation for regulatory submissions (e.g., FDA 510(k) pre-market and post-market management plans).
    • Serve as the primary cybersecurity subject matter expert (SME) for regulatory interactions, including responding to questions during FDA submissions and representing the company's cybersecurity posture during audits.
    • Partner with Product Management, Engineering, and Quality teams to define and document security requirements, controls, and architecture for our medical device platforms.
    • Manage and coordinate third-party penetration testing and internal vulnerability assessments of our products, developing and overseeing the remediation action plan.
    • Develop, implement, and maintain an incident response plan for product-related security events, including vulnerability disclosure policies.
  • Corporate Security & Compliance:

    • Continuously assess the company's security posture against evolving business needs and emerging threats, identifying relevant security standards (e.g., SOC 2, HIPAA, NIST CSF) and performing regular gap analyses.
    • Lead the initiative to achieve and maintain SOC 2 certification for our platform and business operations, developing and managing the security controls and policies required for SOC 2 and HIPAA Security Rule compliance.
    • Develop, implement, and enforce company-wide information security policies, procedures, and standards.
    • Conduct security architecture reviews and risk assessments of our corporate IT and cloud infrastructure (AWS/GCP/Azure), implementing and managing security controls to protect corporate data and systems.
    • Establish and manage a program to assess and monitor the security posture of third-party vendors and partners.
    • Oversee and improve the company's Identity & Access Management (IAM) policies and solutions to ensure the principle of least privilege is maintained.

Requirements:

  • You must have 5+ years of experience in cybersecurity, with at least 3-5 years in a hands-on, senior or lead role.
  • Proven experience in a regulated industry is required, with a strong preference for MedTech (medical devices), HealthTech, or Life Sciences.
  • You should have demonstrated, hands-on experience with FDA cybersecurity guidance for medical devices, contributing to the cybersecurity sections of regulatory submissions (e.g., 510(k), PMA), and acting as a subject matter expert in direct interactions with regulatory bodies.
  • Direct experience leading or playing a primary role in achieving and maintaining SOC 2 and/or HIPAA compliance is necessary.
  • Strong experience with application security, secure SDLC practices, threat modeling (e.g., STRIDE), and vulnerability management for software products is essential.
  • You must possess deep knowledge of securing cloud environments and services (AWS, GCP, or Azure).
  • Proficiency with security assessment tools, IAM systems, endpoint protection, and network security concepts is required.
  • A Bachelor's degree in Computer Science, Information Security, or a related field is mandatory.
  • Relevant professional certifications are highly desirable (e.g., CISSP, CISM, HCISPP, CSSLP).

Benefits:

  • You will be part of a transformative team that is making preventive, personalized care accessible to all.
  • The position offers a competitive salary ranging from $170,000 to $200,000 a year.
  • You will have the opportunity to work in a hybrid or remote environment, providing flexibility in your work location.
  • You will play a crucial role in shaping the security posture of innovative healthcare products, contributing to meaningful advancements in the industry.