Job Information

Stryker Principal Product Security Engineer - Mobile (REMOTE) in United States

We are excited to be named one of the World’s Best Workplaces by Fortune Magazine! We are proud to offer you 12 paid holidays annually. For an overview of our benefits and time off, please follow this link to learn more:US Stryker employee benefits. (

Who We Want:

The Principal Product Security Engineer will be a valued professional within the Stryker Product Security organization. They will work with product development team members during the systems development processes to guide product teams with security controls through concept, requirements, design and build phases of new/evolving product. This Engineer will focus mainly on services in mobile devices (iOS, Android, and maybe others), but can support embedded devices or clouds (Azure, AWS, GCP, and others) in the IoT ecosystem, to shape how the security of Stryker products is defined before release to market. This role will drive the consistent generation of threat models, security requirements, aligned design, build and configuration of products through definition and execution of validation, verification, and post-market processes, as needed throughout the product lifecycle.

What You Will Do:

Technical Responsibilities:

  • Collaborate with product teams to assess security risks and drive design decisions for new and evolving products and related systems.

  • Guide product development teams in completing threat models as input into security risk analysis processes.

  • Assemble Security requirements applicable to the new or evolving product under consideration.

  • Support the Security Assurance team working with product teams to guide the generation of software bills of material for a variety of medical device technologies.

  • Support product security incident response (PSIRT) teams, when needed, so they can effectively address (contain or remediate) and then document security incidents.

  • Draft internal and external communications summarizing details concerning security concepts used in requirements, design, and build phases related to medical products and related systems.

  • Provide product security guidance and leadership to internal taskforce teams.

  • Develop and deliver presentations and communications to clearly convey complex technical topics up to next level leaders.

  • Recommend efficiency and process improvements.

Knowledge and Capabilities:

  • Thorough understanding of the current revisions of FDA, NIST, ISO, IEC and other related security frameworks.

  • Proven experience building successful working relationships with internal and external personnel in various departments.

  • Expertise in applying security control frameworks, threat modeling, and scoring the severity of security threats and vulnerabilities.

  • Experience analyzing and supporting enablement of security controls, along with designing secure products, as part of a broad eco-system (embedded devices + clouds + mobile devices) in the IoT ecosystems that healthcare providers need and expect to support safety.

  • Driven to stay up-to-date on vulnerabilities and exploits that may affect the Stryker eco-system across several areas of computing such as cloud, distributed applications, embedded systems, or IOT.

  • Proven expertise working with product development teams in a broad number of computing environments.

  • Excellent written and verbal communication skills.

  • Proven ability to facilitate meetings to accomplish goals and objectives in a collaborative environment.

  • Proven ability to develop and analyze procedural documents and associated artifacts.

  • Can understand and communicate how objectives fit into broader organizational goals, prioritize tasks, and develop timelines and schedules.

What You Will Need:

Basic Qualifications:

  • Bachelor's Degree in product security, computer science, mathematics, statistics, or related field

  • 8+ years of applicable (product) security work experience

Preferred Qualifications:

  • Master’s degree in security related discipline

  • Understands quality management systems, preferably in the healthcare, medical device, or industries that leverage cyber-physical systems.

  • Experience implementing secure technologies in embedded devices, clouds and mobile devices using secure controls, including but not limited to transport and communication protocols.

  • One or more active, industry recognized, and relevant cybersecurity certifications.

  • $126k - $279 salary plus bonus eligible + benefits. Actual minimum and maximum may vary based on location. Individual pay is based on skills, experience, and other relevant factors.

Health benefits include: Medical and prescription drug insurance, dental insurance, vision insurance, critical illness insurance, accident insurance, hospital indemnity insurance, personalized healthcare support, wellbeing program and tobacco cessation program. Financial benefits include: Health Savings Account (HSA), Flexible Spending Accounts (FSAs), 401(k) plan, Employee Stock Purchase Plan (ESPP), basic life and AD&D insurance, and short-term disability insurance. Stryker offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually. Depending on customer requirements employees and new hires in sales and field roles that require access to customer accounts as a function of the job may be required to obtain various vaccinations as an essential function of their role.

Stryker Corporation is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status. Stryker is an EO employer – M/F/Veteran/Disability.