Staff Product Security Engineer
Company: Johnson & Johnson
Location: Santa Clara
Posted on: July 10, 2025
Job Description:
At Johnson & Johnson, we believe health is everything. Our
strength in healthcare innovation empowers us to build a world
where complex diseases are prevented, treated, and cured, where
treatments are smarter and less invasive, and solutions are
personal. Through our expertise in Innovative Medicine and MedTech,
we are uniquely positioned to innovate across the full spectrum of
healthcare solutions today to deliver the breakthroughs of
tomorrow, and profoundly impact health for humanity. Learn more at
https://www.jnj.com

Job Function: R&D Product Development
Job Sub Function: R&D Software/Systems Engineering
Job Category: Scientific/Technology
All Job Posting Locations: Cincinnati, Ohio, United States of America; Santa Clara, California, United States of America

Job Description:
About Surgery

Fueled by innovation at the
intersection of biology and technology, we’re developing the next
generation of smarter, less invasive, more personalized treatments.
Are you passionate about improving and expanding the possibilities
of MedTech surgery? Ready to join a team that’s reimagining how we
heal? Our MedTech Surgery team will give you the chance to deliver
surgical technologies and solutions to surgeons and healthcare
professionals around the world. Your contributions will help
effectively treat some of the world’s most prevalent conditions
such as obesity, cardiovascular disease and cancer. Patients are
waiting. Your unique talents will help patients on their journey to
wellness. Learn more at https://www.jnj.com/medtech.

We are searching for the best talent for a Staff Product Security
Engineer position, to be located in Santa Clara, CA or Cincinnati, OH.

Job Description:
The Staff Product Security Engineer will be a key member of the
Capital R&D organization, make vital contributions to the New
Product Development (NPD) pipeline and transform patient care through
innovation. They are accountable for leading our NPD teams and
creating a strategy to implement cybersecurity into the design and
development of product hardware and software for use in cutting-edge
medical devices and associated capital equipment.

You will be responsible for:
- Identify threats and vulnerabilities to patient safety and product integrity, assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs.
- Drive architecture, requirements, and design to ensure that decisions incorporate security considerations.
- Advise embedded system security software to ensure system hardening and secure coding practices.
- Support all stakeholders on patch management, vulnerability handling, and SBOM scanning.
- Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304).

Qualifications / Requirements:

Education: Bachelor’s degree in Computer Science,
Computer Engineering, Cybersecurity or related degree

Experience and Skills:
- 6 years’ experience (or 4 with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices
- 3 years’ experience in a software engineering or software architectural role in a New Product Development (NPD) environment
- Proven experience with threat modeling and risk assessments for connected products or medical devices
- Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
- Ability to think big picture and have attention to detail – aligning strategic objectives with tactical implementation
- Proven experience with electrical and embedded software design
- Experience developing software for embedded Real-Time Operating Systems (RTOS)
- Experience developing embedded software systems using Modern C++ (preferably the C++17 standard)
- A results- and performance-driven demeanor with a strong sense of accountability
- Understanding of penetration testing, vulnerability scanning, and/or other general security testing principles

Preferred Skills & Experience:
- Experience with FDA, data governance, and privacy standards (HIPAA, ISO 27001, UL 2900)
- Work experience with Systems Engineering activities: requirements management and development, risk management, and verification
- Strong collaboration, proven technical leadership capabilities, and conflict resolution skills
- A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience
- Experience working with secure boot, Trusted Platform Module (TPM), Data Distribution System (DDS), and QNX

Other Requirements:
- Ability to travel up to 10%, domestic US and internationally

The anticipated base pay range for this position is $105,000 – $169,050.
California Bay Area: the anticipated base pay range for this position
is $141,000 – $227,000.

The Company maintains highly competitive,
performance-based compensation programs. Under current guidelines,
this position is eligible for an annual performance bonus in
accordance with the terms of the applicable plan. The annual
performance bonus is a cash bonus intended to provide an incentive
to achieve annual targeted results by rewarding for individual and
the corporation’s performance over a calendar/performance year.
Bonuses are awarded at the Company’s discretion on an individual
basis. Employees and/or eligible dependents may be eligible to
participate in the following Company sponsored employee benefit
programs: medical, dental, vision, life insurance, short- and
long-term disability, business accident insurance, and group legal
insurance. Employees may be eligible to participate in the
Company’s consolidated retirement plan (pension) and savings plan
(401(k)). This position is eligible to participate in the Company’s
long-term incentive program.

Employees are eligible for the following time off benefits:
- Vacation – up to 120 hours per calendar year
- Sick time – up to 40 hours per calendar year
- Holiday pay, including Floating Holidays – up to 13 days per calendar year
- Work, Personal and Family Time – up to 40 hours per calendar year

Additional information can be found through the link below. For
additional general information on Company benefits, please go to:
https://www.careers.jnj.com/employee-benefits

This job posting is
anticipated to close on 7/22/25. The Company may however extend
this time-period, in which case the posting will remain available
on https://www.careers.jnj.com to accept additional applications.
Johnson & Johnson is an Equal Opportunity Employer. All qualified
applicants will receive consideration for employment without regard
to race, color, religion, sex, sexual orientation, gender identity,
age, national origin, disability, protected veteran status or other
characteristics protected by federal, state or local law. We
actively seek qualified candidates who are protected veterans and
individuals with disabilities as defined under VEVRAA and Section
503 of the Rehabilitation Act. Johnson and Johnson is committed to
providing an interview process that is inclusive of our applicants’
needs. If you are an individual with a disability and would like to
request an accommodation, please email the Employee Health Support
Center (ra-employeehealthsup@its.jnj.com) or contact AskGS to be
directed to your accommodation resource.