Staff Product Security Engineer
Company: iRhythm Technologies
Location: San Francisco, CA 94103 (Remote)
Salary: $151,000 - $196,000 a year
Type: Full-time
Remote: Yes
Posted: 2026-04-29
About this role
Career-defining. Life-changing.
At iRhythm, you’ll have the opportunity to grow your skills and your career while impacting the lives of people around the world. iRhythm is shaping a future where everyone, everywhere can access the best possible cardiac health solutions. Every day, we collaborate, create, and constantly reimagine what’s possible. We think big and move fast, driven by our commitment to put patients first and improve lives. We need builders like you. Curious and innovative problem solvers looking for the chance to meaningfully shape the future of cardiac health, our company, and your career.
About This Role:
We are seeking a Staff Product Security Engineer with proven experience in the medical device industry. In this role, you will safeguard medical devices by identifying, assessing, and mitigating security risks unique to healthcare technology. You will collaborate with cybersecurity, systems development, product development, product management, and quality and regulatory teams to ensure that security is embedded across the product development lifecycle (PDLC) and the secure software development lifecycle (SDLC), in alignment with FDA cybersecurity requirements.
Key Responsibilities
Cybersecurity Strategy & Leadership
- Provide senior-level cybersecurity leadership across product development, influencing secure design decisions at scale.
- Drive adoption and continuous improvement of the Secure Product Development Framework (SPDF) and secure SDLC practices.
- Translate complex cybersecurity risks into clear, actionable guidance for engineering and business stakeholders.
Regulatory & Compliance
- Ensure compliance with FDA cybersecurity guidance (including Section 524B) and global data privacy regulations (HIPAA, GDPR) in partnership with Regulatory, Quality, Privacy, and Cybersecurity teams.
- Develop and maintain cybersecurity documentation to support pre- and post-market regulatory requirements.
**Risk Management & Thre...