Principal Product Security Cloud Engineer

Mondo

Danvers, Massachusetts

Job Details:
Salary: $150,000–$170,000 Per Year
Skills: Agile Programming Methodologies, Cloud Applications, Cloud Architecture, Cloud Computing, Communication Skills, Communications Security (COMSEC), Computer Security, Continuous Deployment/Delivery, Continuous Integration, Cross-Functional, Cryptography, DevOps, Digital Certificates, Docker, Documentation, Documentation Models, Ecosystems, FDA (Food and Drug Administration), FDA Requirements, HIPAA (Health Insurance Portability and Accountability Act), ISO (International Organization for Standardization), Internet of Things, Market Tracking, Medical Equipment, Microsoft Windows Azure, Penetration Testing, Product Documentation, Product Engineering, Product Programs, Public Key Infrastructure (PKI), Public Key Infrastructure (PKI) Standards, Regulatory Submissions, Risk Analysis, Risk Management, Security Analysis, Security Architecture, Security Attacks, Team Player, Threat Modeling, Threat and risk analysis (TRA), U.S. National Institute of Standards and Technology (NIST)
Location: Danvers, Massachusetts
Posted: 30+ days ago

Apply now: Principal Product Security Cloud Engineer, location is Hybrid (Remote/Onsite). The start date is ASAP for this contract position.

Job Title: Principal Product Security Cloud Engineer
Location-Type: Hybrid (Remote/Onsite – US East Coast hours)
Start Date Is: ASAP
Duration: Contract
Compensation Range: $150-170k Bonus
Benefits: Eligible for Health, Dental, Vision, 401K, PTO
Not eligible for Visa sponsorship

Job Description:
This role is responsible for leading cloud and product security initiatives, ensuring secure design, compliance, and risk mitigation across connected medical device ecosystems.

Day-to-Day Responsibilities:

  • Develop and maintain product security documentation (threat models, risk assessments, SBOM, etc.)
  • Design and implement cloud security controls within Azure environments
  • Collaborate with engineering teams to integrate security into DevOps/CI-CD pipelines
  • Perform security risk assessments for cloud and application infrastructure
  • Define and enforce cryptographic standards (PKI, encryption, key management)
  • Support regulatory submissions with security documentation (FDA, etc.)
  • Conduct vulnerability management, including SAST, SCA, and penetration testing coordination
  • Implement secure device-to-cloud communication (IoT security, Zero Trust, mTLS)
  • Monitor post-market vulnerabilities and support remediation efforts

Requirements:

Must-Haves:
  • Strong experience with Microsoft Azure and cloud security architecture
  • Hands-on experience with threat modeling, risk assessments, and security documentation
  • Deep understanding of PKI, encryption, and certificate management
  • Experience in medical device or regulated environments
  • Knowledge of security tools (e.g., Snyk, Veracode, Wiz)
  • Experience working in DevSecOps / Agile environments
  • Familiarity with compliance frameworks (NIST, ISO 27001, SOC2, HIPAA, etc.)
  • Experience securing IoT or device-to-cloud systems
  • Strong communication and cross-functional collaboration skills
Nice-to-Haves:
  • Experience with FDA regulatory submissions
  • Knowledge of containerization (Docker, Kubernetes)
  • Experience with Zero Trust architecture and cloud HSMs
