Cyber Security Specialist - Medical Device

eInfochips (An Arrow Company):

eInfochips, an Arrow company (A $27.9 B, NASDAQ listed (ARW); Ranked #133 on the Fortune List), is a leading global provider of product engineering and semiconductor design services. 25+ years of proven track record, with a team of over 2500+ engineers, the team has been instrumental in developing over 500+ products and 40M deployments in 140 countries. Companys service offerings include Silicon Engineering, Embedded Engineering, Hardware Engineering & Digital Engineering services. eInfochips services 7 of the top 10 semiconductor companies and is recognized by NASSCOM, Zinnov and Gartner as a leading Semiconductor service provider.

s :

Experience Level: 5+ years

Key Responsibilities:

• Drive end-to-end cybersecurity integration across the medical device product development life cycle, ensuring security is embedded from concept to release.
• Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation.
• Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures.
• Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT (Internet of Medical Things) components, and connected systems.

• Collaborate closely with development, compliance, and regulatory teams to ensure product security measures meet both internal security policies and external regulatory expectations.
• Support SBOM management, software supply chain risk evaluations, and third-party component analysis to maintain software transparency and mitigate risks.
• Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems.
• Assist in developing incident response strategies and bring working knowledge of HIPAA, GDPR, and HL7 to address data privacy and healthcare-specific regulatory concerns.
• Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies, while championing security best practices within product teams.

Required Skills and Qualifications:

• Minimum of 6 years of experience in cybersecurity, including at least 3 years focused on medical devices, embedded systems, or IoT security.
• Proven track record in authoring security design, defining technical requirements, and documenting security architectures aligned with regulatory needs.
• Hands-on experience in embedded system security including secure boot, firmware security, threat modeling techniques (e.g., STRIDE, DREAD), and product-level risk assessments.
• Strong understanding of IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97, along with working knowledge of the medical device product development lifecycle and quality standards like ISO 14971.
• Demonstrated expertise in vulnerability management and penetration testing of connected products across device and cloud ecosystems.

Looking to get Placed? Try our Placement Guarantee Plan

Get Hired
• Familiarity with data privacy and interoperability standards such as HIPAA, GDPR, and HL7 is highly desirable.
• Excellent problem-solving skills, critical thinking, and ability to lead gap analysis and remediation activities in regulated environments.
• Strong collaboration skills with the ability to influence cross-functional teams including R&D, compliance, and product management.

Why Join Us

Opportunity to work on cutting-edge technologies.

Lead a high-performing team in a fast-paced, dynamic environment.

Location: Ahmedabad/Pune/Noida/Bangalore/Hyderabad/Indore

We are looking Immediate to 30 days joiner.

Interested candidates can share resume on [HIDDEN TEXT]