ABIOMED is redefining team-driven success while reshaping heart recovery. Here, new ideas are welcomed and encouraged, learning is constant, and our dynamic setting enables positive people to do profoundly important work.
As the solutions we provide to patients and health care providers evolve from a technological standpoint, we must remain vigilant in our cybersecurity efforts to ensure we are providing the highest quality devices. We accomplish this by incorporating cybersecurity activities across the total-product-lifecycle of our solutions and integrating these processes with our Quality Management System.
Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that’s you, Abiomed has an immediate opportunity for a Product Security Analyst to join the newly formed Product Security team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards. You will own the Product Security process that includes both pre-market and post-market processes engineering teams leverage throughout the product development lifecycle. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you.
Primary Duties And Responsibilities
- Partner with engineering teams (cloud, console, pump, etc.) to drive successful adherence to Abiomed’s product security program.
- Create, update, and mature product security processes.
- Deliver documentation for pre-market development activities including security plans, architecture and data flow diagrams, threat models, requirements, SBOM, and risk documentation.
- Monitor and drive post-market vulnerability management activities, with adherence to strict timelines.
- Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc.
- Identify, research, evaluate, and integrate new compliance requirements and industry standards/trends into the product security program.
- Maintain relationships with Abiomed’s Information Sharing and Analysis Organizations.
- Guide teams to make decisions that balance business needs with security objectives.
- Thinks across organizational boundaries and empathizes with customers, both internal and external.
- Perform other related duties and responsibilities, as assigned.
Bachelor’s degree or equivalent work experience.
Experience and Skills:
- 7+ years industry experience in Information Security and/or regulatory compliance.
- Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
- Experience with security risk management techniques and tactics.
- Experience working in a regulated environment, FDA-regulated preferred.
- Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines.
- Committed to working with a sense of urgency and embracing new challenges.
- Strong communication and interpersonal skills.
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com .
Anticipated Salary Range: $99,000- $148,000
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.