Principal Product Security Engineer (REMOTE)

  • 3800 East Centre Ave, Portage, MI, 49002, US
  • Remote-US
  • United States of America-California-San Jose
  • United States of America-Minnesota-Minneapolis
  • United States of America-New York-New York
  • United States of America-Texas-Dallas
  • United States of America-Washington-Seattle
Job details
  • Work flexibility: Remote
  • Req ID: R536859
  • Employee type: Full Time
  • Job category: Engineering
  • Travel: 10%
  • Relocation: No

Why join Stryker?

Looking for a place that values your unique talents? Discover Stryker's award-winning culture.

We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific.

Job description

What You Will Do:

Product Security is driven to make healthcare better by ensuring that Stryker designs, develops, and maintains industry-leading, cyber-secure products for our customers. We are seeking a highly skilled Secure Product Lifecycle Expert to ensure the security of our medical devices across their entire lifecycle. This role is critical in embedding robust security practices into our software development lifecycle (SDL), overseeing post-market security management, and integrating product security into our quality management systems (QMS). The ideal candidate will have experience with embedded systems, a strong understanding of security maturity frameworks such as BSIMM, and familiarity with secure product lifecycle standards like ISO 81001-5-1.

Key Responsibilities:

  • Secure Development Lifecycle (SDL): Establish and maintain a robust SDL framework, integrating secure coding, threat modeling, and security testing for embedded systems and IoT devices while ensuring compliance with industry regulations (e.g., FDA, IEC 62304, ISO 81001-5-1).

  • Post-Market Security Management: Develop and oversee security monitoring, vulnerability management, and incident response, ensuring timely patches and regulatory compliance while collaborating with external stakeholders.

  • Quality Management System (QMS) Integration: Embed security processes into the QMS, support audits, and drive continuous improvements for alignment with security standards such as ISO 81001-5-1.

  • Security Maturity & Collaboration: Apply security maturity frameworks (e.g., BSIMM), align with secure product lifecycle standards, and work cross-functionally with R&D, IT, and regulatory teams to prioritize security.

What You Will Need:

Required Qualifications:

  • Bachelor's degree in Cybersecurity, Computer Science, or related field with 8+ years of related experience, and strong expertise in secure development, embedded systems security, and regulatory compliance.
  • Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK) and standards such as FDA cybersecurity guidance, IEC 62304, ISO 14971, and GDPR.
  • Experience with threat modeling, penetration testing, security assessments, and the ability to communicate cybersecurity concepts across technical and non-technical teams.
  • Industry certifications (e.g., CISSP, CSSLP, CISM).
  • Experience in medical devices or regulated industries with familiarity in risk management processes (e.g., FedRAMP, RMF, ATO).

Preferred Qualifications:

  • Experience conducting HIPAA security assessments.
  • Familiarity with VA or DHA risk management processes (FedRAMP, RMF, ATO).


 

  • $129k - $286k salary plus bonus eligible + benefits. Actual minimum and maximum may vary based on location. Individual pay is based on skills, experience, and other relevant factors.

Health benefits include: Medical and prescription drug insurance, dental insurance, vision insurance, critical illness insurance, accident insurance, hospital indemnity insurance, personalized healthcare support, wellbeing program and tobacco cessation program.

Financial benefits include: Health Savings Account (HSA), Flexible Spending Accounts (FSAs), 401(k) plan, Employee Stock Purchase Plan (ESPP), basic life and AD&D insurance, and short-term disability insurance.

Stryker offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.

Depending on customer requirements, employees and new hires in sales and field roles that require access to customer accounts as a function of the job may be required to obtain various vaccinations as an essential function of their role.